Medium severity5.5NVD Advisory· Published Feb 5, 2024· Updated Jun 17, 2026
CVE-2023-22817
CVE-2023-22817
Description
Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Range: <9.5.1-104
- Range: <5.27.161
- Western Digital/My Cloud Home & Duov5Range: 0
- Western Digital/My Cloud OS 5v5Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.