Critical severity9.8NVD Advisory· Published Jan 3, 2017· Updated May 6, 2026
CVE-2016-10107
CVE-2016-10107
Description
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header.
Affected products
1- cpe:2.3:a:western_digital:mycloud_nas:2.11.142:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.stevencampbell.info/2016/12/command-injection-in-western-digital-mycloud-nas/nvdExploitThird Party Advisory
- www.securityfocus.com/bid/95201nvd
News mentions
0No linked articles in our index yet.