// For flags

CVE-2022-29836

Post-Auth Path Traversal Vulnerability Allows to Custom Package Installation via HTTP API

Severity Score

4.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability was discovered via an HTTP API on Western Digital My Cloud Home; My Cloud Home Duo; and SanDisk ibi devices that could allow an attacker to abuse certain parameters to point to random locations on the file system. This could also allow the attacker to initiate the installation of custom packages at these locations. This can only be exploited once the attacker has been authenticated to the device. This issue affects: Western Digital My Cloud Home and My Cloud Home Duo versions prior to 8.11.0-113 on Linux; SanDisk ibi versions prior to 8.11.0-113 on Linux.

Se descubrió una vulnerabilidad de limitación inadecuada de un nombre de ruta a un Restricted Directory ("Path Traversal") a través de una API HTTP en Western Digital My Cloud Home; My Cloud Home Duo; y dispositivos SanDisk ibi que podrían permitir a un atacante abusar de ciertos parámetros para señalar ubicaciones aleatorias en el sistema de archivos. Esto también podría permitir al atacante iniciar la instalación de paquetes personalizados en estas ubicaciones. Esto sólo puede explotarse una vez que el atacante se haya autenticado en el dispositivo. Este problema afecta a: versiones de Western Digital My Cloud Home y My Cloud Home Duo anteriores a 8.11.0-113 en Linux; Versiones de SanDisk ibi anteriores a 8.11.0-113 en Linux.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-04-27 CVE Reserved
  • 2022-11-09 CVE Published
  • 2023-11-16 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Westerndigital
Search vendor "Westerndigital"
My Cloud Home Firmware
Search vendor "Westerndigital" for product "My Cloud Home Firmware"
< 8.11.0-113
Search vendor "Westerndigital" for product "My Cloud Home Firmware" and version " < 8.11.0-113"
-
Affected
in Westerndigital
Search vendor "Westerndigital"
My Cloud Home
Search vendor "Westerndigital" for product "My Cloud Home"
--
Safe
Westerndigital
Search vendor "Westerndigital"
My Cloud Home Duo Firmware
Search vendor "Westerndigital" for product "My Cloud Home Duo Firmware"
< 8.11.0-113
Search vendor "Westerndigital" for product "My Cloud Home Duo Firmware" and version " < 8.11.0-113"
-
Affected
in Westerndigital
Search vendor "Westerndigital"
My Cloud Home Duo
Search vendor "Westerndigital" for product "My Cloud Home Duo"
--
Safe
Westerndigital
Search vendor "Westerndigital"
Sandisk Ibi Firmware
Search vendor "Westerndigital" for product "Sandisk Ibi Firmware"
< 8.11.0-113
Search vendor "Westerndigital" for product "Sandisk Ibi Firmware" and version " < 8.11.0-113"
-
Affected
in Westerndigital
Search vendor "Westerndigital"
Sandisk Ibi
Search vendor "Westerndigital" for product "Sandisk Ibi"
--
Safe