VYPR

My Cloud OS 5

by Westerndigital

CVEs (24)

  • CVE-2022-29840MedMay 10, 2023
    risk 0.33cvss 5.1epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL to point back to the loopback adapter was addressed in Western Digital My Cloud OS 5 devices. This could allow the URL to exploit other vulnerabilities on the…

  • CVE-2023-22819MedFeb 5, 2024
    risk 0.32cvss 4.9epss 0.01

    An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home…

  • CVE-2022-36326MedMay 18, 2023
    risk 0.29cvss 4.4epss 0.01

    An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home…

  • CVE-2023-22813LowMay 8, 2023
    risk 0.21cvss 3.3epss 0.00

    A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App.…

Page 2 of 2