CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2022-36331 – Impersonation attack causing an Authentication Bypass on Western Digital devices
https://notcve.org/view.php?id=CVE-2022-36331
08 Jun 2023 — Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data. This issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102. This vulnerability allows remote attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100 NAS devices. Some user interaction i... • https://https://www.westerndigital.com/support/product-security/wdc-22020-my-cloud-os-5-my-cloud-home-ibi-firmware-update • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2022-23000 – Weak Default SSL use in Port Forwarding Service
https://notcve.org/view.php?id=CVE-2022-23000
25 Jul 2022 — The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an "SSL" context instead of "TLS" or specifying stronger validation, deprecated or insecure protocols are permitted. As a result, a local user with no privileges can exploit this vulnerability and jeopardize the integrity, confidentiality and authenticity of information transmitted. Th... • https://www.westerndigital.com/support/product-security/wdc-22011-my-cloud-firmware-version-5-23-114 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2022-22995 – Western Digital My Cloud OS 5 and My Cloud Home Unauthenticated Arbitrary File Write Vulnerability in Netatalk
https://notcve.org/view.php?id=CVE-2022-22995
25 Mar 2022 — The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code. La combinación de primitivas que ofrecen SMB y AFP en su configuración por defecto permite la escritura arbitraria de archivos. Al explotar esta combinación de primitivas, un atacante puede ejecutar código arbitrario It was discovered that Netatalk did not properly protect an SMB and AFP default confi... • https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 10%CPEs: 6EXPL: 1CVE-2020-27744
https://notcve.org/view.php?id=CVE-2020-27744
29 Oct 2020 — An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges. Se detectó un problema en los dispositivos NAS de Western Digital My Cloud versiones anteriores a 5.04.114. Permiten una ejecución de código remota con una escalada de privilegios resultante • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 8%CPEs: 6EXPL: 1CVE-2020-25765
https://notcve.org/view.php?id=CVE-2020-25765
27 Oct 2020 — Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140. Se abordó una vulnerabilidad de ejecución de código remota en el archivo reg_device.php debido a una comprobación insuficiente de entrada del usuario en los dispositivos Western Digital My Cloud versiones anteriores a 5.4.1140 • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 8%CPEs: 6EXPL: 1CVE-2020-27159
https://notcve.org/view.php?id=CVE-2020-27159
27 Oct 2020 — Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114 Se abordó una vulnerabilidad de ejecución de código remota en el archivo DsdkProxy.php, debido a un saneamiento insuficiente y una comprobación insuficiente de entrada del usuario en los dispositivos NAS Western Digital My Cloud versiones anteriores a 5.04.114 • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 10%CPEs: 6EXPL: 1CVE-2020-27158
https://notcve.org/view.php?id=CVE-2020-27158
27 Oct 2020 — Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114. Se abordó una vulnerabilidad de ejecución de código remota en el archivo cgi_api.php, que permitía una escalada de privilegios en dispositivos NAS de Western Digital My Cloud versiones anteriores a 5.04.114 • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 4%CPEs: 6EXPL: 1CVE-2020-27160
https://notcve.org/view.php?id=CVE-2020-27160
27 Oct 2020 — Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3). Se abordó una vulnerabilidad de ejecución de código remota en el archivo AvailableApps.php, que permitía una escalada de privilegios en dispositivos NAS Western Digital My Cloud versiones anteriores a 5.04.114 (número 3 de 3) • https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 5%CPEs: 6EXPL: 0CVE-2020-12830
https://notcve.org/view.php?id=CVE-2020-12830
27 Oct 2020 — Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114. Se abordaron múltiples vulnerabilidades de desbordamiento del búfer de pila que podrían permitir a un atacante llevar a cabo una escalada de privilegios por medio de una ejecución de código remota no autorizada en dispositivos Western Digital My Cloud versiones anteriores a 5.04.114 • https://support.wdc.com/downloads.aspx?g=907&lang=en • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 5%CPEs: 2EXPL: 1CVE-2018-9148
https://notcve.org/view.php?id=CVE-2018-9148
30 Mar 2018 — Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud. Los dispositivos Western Digital WD My Cloud v04.05.00-320 incrustan el token de sesión (también conocido como PHPSESSID) en los nombres de los archivos, lo que hace que sea más fácil para lo... • https://exploit-db.com/exploits/44350 • CWE-287: Improper Authentication •