CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-22993 – Limited Server-Side Request Forgery vulnerability on Western Digital My Cloud devices.
https://notcve.org/view.php?id=CVE-2022-22993
28 Jan 2022 — A limited SSRF vulnerability was discovered on Western Digital My Cloud devices that could allow an attacker to impersonate a server and reach any page on the server by bypassing access controls. The vulnerability was addressed by creating a whitelist for valid parameters. Se ha detectado una vulnerabilidad de tipo SSRF limitada en los dispositivos My Cloud de Western Digital que podía permitir a un atacante hacerse pasar por un servidor y llegar a cualquier página del mismo omitiendo los controles de acces... • https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2022-22992 – Command Injection Remote Code Execution vulnerability on Western Digital My Cloud devices.
https://notcve.org/view.php?id=CVE-2022-22992
17 Jan 2022 — A command injection remote code execution vulnerability was discovered on Western Digital My Cloud Devices that could allow an attacker to execute arbitrary system commands on the device. The vulnerability was addressed by escaping individual arguments to shell functions coming from user input. Se ha detectado una vulnerabilidad de ejecución de código remota por inyección de comandos en los dispositivos My Cloud de Western Digital que podría permitir a un atacante ejecutar comandos arbitrarios del sistema e... • https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22988 – Insecure file and directory permissions on EdgeRover
https://notcve.org/view.php?id=CVE-2022-22988
13 Jan 2022 — File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. It would be more difficult for an authenticated attacker to now traverse through the files and directories. This can only be exploited once an attacker has already found a way to get authenticated access to the device. Se han corregido los permisos de archivos y directorios para evitar que usuarios no deseados modifiquen o accedan a los recursos • https://www.westerndigital.com/support/product-security/wdc-22003-edgerover-desktop-app-version-1-5-0-576 • CWE-275: Permission Issues CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 2%CPEs: 11EXPL: 0CVE-2022-22990 – Limited authentication bypass vulnerability on Western Digital My Cloud devices
https://notcve.org/view.php?id=CVE-2022-22990
13 Jan 2022 — A limited authentication bypass vulnerability was discovered that could allow an attacker to achieve remote code execution and escalate privileges on the My Cloud devices. Addressed this vulnerability by changing access token validation logic and rewriting rule logic on PHP scripts. Se ha detectado una vulnerabilidad de omisión de autenticación limitada que podría permitir a un atacante lograr una ejecución de código remota y escalar privilegios en los dispositivos My Cloud. Se ha abordado esta vulnerabilid... • https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117 • CWE-287: Improper Authentication CWE-697: Incorrect Comparison •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-22991 – Command injection through unsecured HTTP calls on Western Digital My Cloud devices
https://notcve.org/view.php?id=CVE-2022-22991
13 Jan 2022 — A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call. Addressed this vulnerability by disabling checks for internet connectivity using HTTP. Un usuario malicioso en la misma LAN podría usar una suplantación de DNS seguida de un ataque de inyección de comandos para engañar a un dispositivo NAS para que sea cargado mediante una llamada HTTP no segura. Se ha abordado esta vulnerabilidad al deshabilitar l... • https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 11EXPL: 0CVE-2022-22989 – Pre-authenticated stack overflow vulnerability on FTP Service
https://notcve.org/view.php?id=CVE-2022-22989
13 Jan 2022 — My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues. Mi Cloud OS 5 era vulnerable a una vulnerabilidad de desbordamiento de pila preautenticada en el servicio FTP. Se abordó la vulnerabilidad añadiendo defensas contra los problemas de desbordamiento de pila • https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 1CVE-2021-35941
https://notcve.org/view.php?id=CVE-2021-35941
29 Jun 2021 — Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472. Western Digital WD My Book Live (versiones 2.x y posteriores) y WD My Book Live Duo (todas las versiones) presentan una API de administrador que puede llevar a cabo una restauración de fábrica del sistema sin autenticación, tal como fue explotado ... • https://arstechnica.com/gadgets/2021/06/hackers-exploited-0-day-not-2018-bug-to-mass-wipe-my-book-live-devices • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33205
https://notcve.org/view.php?id=CVE-2021-33205
11 Jun 2021 — Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low privileged user could load malicious content into directories with higher privileges, because of how Node.js is used. An attacker can gain admin privileges and carry out malicious activities such as creating a fake library and stealing user credentials. Western Digital EdgeRover versiones anteriores a 0.25, presenta una vulnerabilidad de escalada de privilegios en la que un usuario poco privilegiado podría cargar... • https://www.westerndigital.com/support/productsecurity/wdc-21007-edgerover-windows-app-ver-0-25 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28653
https://notcve.org/view.php?id=CVE-2021-28653
18 Mar 2021 — The iOS and macOS apps before 1.4.1 for the Western Digital G-Technology ArmorLock NVMe SSD store keys insecurely. They choose a non-preferred storage mechanism if the device has Secure Enclave support but lacks biometric authentication hardware. Las aplicaciones iOS y macOS versiones anteriores a 1.4.1 para Western Digital G-Technology ArmorLock NVMe SSD, almacenan claves de forma no segura. Eligen un mecanismo de almacenamiento no preferido si el dispositivo es compatible con Secure Enclave pero care... • https://www.westerndigital.com/support/productsecurity/wdc-21003-armorLock-insecure-key-storage-vulnerability • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 1CVE-2021-3310 – Western Digital MyCloud PR4100 Link Resolution Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-3310
10 Mar 2021 — Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB and AFP shares. This can lead to code execution and information disclosure (by reading local files). Los dispositivos Western Digital My Cloud OS 5 versiones anteriores a 5.10.122, manejan inapropiadamente recursos compartidos de Symbolic Link Following en SMB y AFP. Esto puede conllevar a una ejecución de código y divulgación de información (mediante la lectura de archivos locales) This vulnerability allows ... • https://github.com/piffd0s/CVE-2021-3310 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •