CVSS: 5.9 | EPSS: 0% | CPEs: 2 | EXPL: 0

30 Sep 2019 — Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 applications are potentially vulnerable to man-in-the-middle attacks when the applications download resources from the Dashboard web service. This vulnerability may allow an attacker to substitute downloaded resources with arbitrary files. • https://support.wdc.com/downloads.aspx?g=907&lang=en

CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

30 Sep 2019 — Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available. • https://support.wdc.com/downloads.aspx?g=907&lang=en • CWE-798: Use of Hard-coded Credentials

CVSS: 9.8 | EPSS: 10% | CPEs: 2 | EXPL: 3

18 Sep 2019 — Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me. • https://packetstorm.news/files/id/154524 • CWE-798: Use of Hard-coded Credentials

CVSS: 10.0 | EPSS: 20% | CPEs: 2 | EXPL: 0

19 Jun 2019 — Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the wild in June 2021 for factory reset commands, • https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSS: 9.0 | EPSS: 2% | CPEs: 18 | EXPL: 2

23 May 2019 — Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other commands might... • https://bnbdr.github.io/posts/wd • CWE-59: Improper Link Resolution Before File Access ('Link Following')

CVSS: 9.8 | EPSS: 0% | CPEs: 18 | EXPL: 0

24 Apr 2019 — Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the "nobody" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ult... • https://bnbdr.github.io/posts/wd • CWE-521: Weak Password Requirements

CVSS: 4.6 | EPSS: 0% | CPEs: 1 | EXPL: 0

09 Oct 2018 — There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can replace the old account with a new one through special steps by exploiting this vulnerability. As a result, the FRP function is bypassed. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180930-01-mycloud-en

CVSS: 10.0 | EPSS: 38% | CPEs: 4 | EXPL: 1

12 Jun 2018 — The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allows unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi. • https://www.tenable.com/security/research/tra-2018-14 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 9.8 | EPSS: 5% | CPEs: 2 | EXPL: 1

30 Mar 2018 — Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud. • https://exploit-db.com/exploits/44350 • CWE-287: Improper Authentication

CVSS: 10.0 | EPSS: 83% | CPEs: 2 | EXPL: 3

12 Dec 2017 — An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root. • https://packetstorm.news/files/id/145447 • CWE-287: Improper Authentication