CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 1CVE-2016-10107
https://notcve.org/view.php?id=CVE-2016-10107
03 Jan 2017 — Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header. Inyección de comandos remotos no autenticados como root ocurre en la página index.php de Western Digital MyCloud NAS 2.11.142 a través de una cabecera Cookie modificada. • http://www.securityfocus.com/bid/95201 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 91%CPEs: 1EXPL: 2CVE-2016-10108 – Western Digital MyCloud Unauthenticated Command Injection
https://notcve.org/view.php?id=CVE-2016-10108
03 Jan 2017 — Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data. Inyección de comandos remotos no autenticados como root ocurre en la URL /web/google_analytics.php de Western Digital MyCloud NAS 2.11.142 a través de un parámetro arg modificado en el dato POST. • https://packetstorm.news/files/id/173802 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •