CVSS: 9.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22170 – Unchecked buffer in Dynamic DNS client
https://notcve.org/view.php?id=CVE-2024-22170
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HTTP responses provided to the ddns-start program. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. • https://www.westerndigital.com/support/product-security/wdc-24005-western-digital-my-cloud-os-5-firmware-5-29-102 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-22813 – Device API endpoint missing access controls on Western Digital Mobile and Web Apps
https://notcve.org/view.php?id=CVE-2023-22813
A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a permissive CORS policy and missing authentication requirement for private IPs, a remote attacker on the same network as the device could obtain device information by convincing a victim user to visit an attacker-controlled server and issue a cross-site request. This issue affects My Cloud OS 5 Mobile App: before 4.21.0; My Cloud Home Mobile App: before 4.21.0; ibi Mobile App: before 4.21.0; My Cloud OS 5 Web App: before 4.26.0-6126; My Cloud Home Web App: before 4.26.0-6126; ibi Web App: before 4.26.0-6126. • https://www.westerndigital.com/support/product-security/wdc-23004-western-digital-my-cloud-os-5-my-cloud-home-sandisk-ibi-and-wd-cloud-mobile-and-web-app-update • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7928
https://notcve.org/view.php?id=CVE-2018-7928
There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can replace the old account with a new one through special steps by exploit this vulnerability. As a result, the FRP function is bypassed. Hay una vulnerabilidad de seguridad que podría conducir a la omisión del FRP (Factory Reset Protection) en MyCloud APP en versiones anteriores a la 8.1.2.303 instalada en algunos smartphones Huawei. Al volver a configurar el teléfono móvil mediante la función FRP, un atacante puede reemplazar la cuenta antigua por una nueva mediante pasos especiales explotando esta vulnerabilidad. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180930-01-mycloud-en •