CVE-2020-28940
Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device.
En los dispositivos Western Digital My Cloud OS 5 versiones anteriores a 5.06.115, el panel de administración de NAS presenta una vulnerabilidad de omisión de autenticación que podría permitir a un usuario no autenticado ejecutar comandos privilegiados en el dispositivo
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.
The specific flaw exists within the nasAdmin service, which listens on TCP port 80 and 443 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to execute arbitrary code in the context of root.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-11-19 CVE Reserved
- 2020-12-01 CVE Published
- 2024-06-10 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-20-1445 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.wdc.com/downloads.aspx?g=907&lang=en#downloads | 2022-04-26 |
| URL | Date | SRC |
|---|---|---|
| https://www.westerndigital.com/support/productsecurity/wdc-20009-os5-firmware-5-06-115 | 2022-04-26 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Westerndigital Search vendor "Westerndigital" | My Cloud Os 5 Search vendor "Westerndigital" for product "My Cloud Os 5" | < 5.06.115 Search vendor "Westerndigital" for product "My Cloud Os 5" and version " < 5.06.115" | - |
Affected
| in | Westerndigital Search vendor "Westerndigital" | My Cloud Ex2 Ultra Search vendor "Westerndigital" for product "My Cloud Ex2 Ultra" | - | - |
Safe
|
| Westerndigital Search vendor "Westerndigital" | My Cloud Os 5 Search vendor "Westerndigital" for product "My Cloud Os 5" | < 5.06.115 Search vendor "Westerndigital" for product "My Cloud Os 5" and version " < 5.06.115" | - |
Affected
| in | Westerndigital Search vendor "Westerndigital" | My Cloud Ex4100 Search vendor "Westerndigital" for product "My Cloud Ex4100" | - | - |
Safe
|
| Westerndigital Search vendor "Westerndigital" | My Cloud Os 5 Search vendor "Westerndigital" for product "My Cloud Os 5" | < 5.06.115 Search vendor "Westerndigital" for product "My Cloud Os 5" and version " < 5.06.115" | - |
Affected
| in | Westerndigital Search vendor "Westerndigital" | My Cloud Mirror Gen 2 Search vendor "Westerndigital" for product "My Cloud Mirror Gen 2" | - | - |
Safe
|
| Westerndigital Search vendor "Westerndigital" | My Cloud Os 5 Search vendor "Westerndigital" for product "My Cloud Os 5" | < 5.06.115 Search vendor "Westerndigital" for product "My Cloud Os 5" and version " < 5.06.115" | - |
Affected
| in | Westerndigital Search vendor "Westerndigital" | My Cloud Pr2100 Search vendor "Westerndigital" for product "My Cloud Pr2100" | - | - |
Safe
|
| Westerndigital Search vendor "Westerndigital" | My Cloud Os 5 Search vendor "Westerndigital" for product "My Cloud Os 5" | < 5.06.115 Search vendor "Westerndigital" for product "My Cloud Os 5" and version " < 5.06.115" | - |
Affected
| in | Westerndigital Search vendor "Westerndigital" | My Cloud Pr4100 Search vendor "Westerndigital" for product "My Cloud Pr4100" | - | - |
Safe
|