VYPR

My Cloud Devices

by Westerndigital

CVEs (2)

  • CVE-2020-25765CriOct 27, 2020
    risk 0.64cvss 9.8epss 0.06

    Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140.

  • CVE-2022-22992HigJan 28, 2022
    risk 0.51cvss 7.8epss 0.02

    A command injection remote code execution vulnerability was discovered on Western Digital My Cloud Devices that could allow an attacker to execute arbitrary system commands on the device. The vulnerability was addressed by escaping individual arguments to shell functions coming…