
CVE-2020-27744
https://notcve.org/view.php?id=CVE-2020-27744
29 Oct 2020 — An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges. • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2019-9949
https://notcve.org/view.php?id=CVE-2019-9949
23 May 2019 — Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other commands might... • https://bnbdr.github.io/posts/wd • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2019-9950
https://notcve.org/view.php?id=CVE-2019-9950
24 Apr 2019 — Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the "nobody" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ult... • https://bnbdr.github.io/posts/wd • CWE-521: Weak Password Requirements •