Vendor CVEs
Westerndigital
All CVEs
82 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-17153 | | Critical | 0.74 | 9.8 | 0.87 | | Sep 18, 2018 | It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining… |
| CVE-2016-10108 | | Critical | 0.74 | 9.8 | 0.95 | | Jan 3, 2017 | Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data. |
| CVE-2017-17560 | | Critical | 0.73 | 9.8 | 0.73 | | Dec 12, 2017 | An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on… |
| CVE-2016-10107 | | Critical | 0.65 | 9.8 | 0.11 | | Jan 3, 2017 | Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header. |
| CVE-2018-1151 | | Critical | 0.64 | 9.8 | 0.08 | | Jun 12, 2018 | The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi. |
| CVE-2018-9148 | | Critical | 0.64 | 9.8 | 0.04 | | Mar 30, 2018 | Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication… |
| CVE-2025-30247 | | Critical | 0.61 | — | 0.01 | | Sep 29, 2025 | An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST. |
| CVE-2024-22170 | | Critical | 0.60 | — | 0.00 | | Sep 27, 2024 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers. This issue affects My Cloud: before 5.29.102. |
| CVE-2024-22167 | | High | 0.51 | 7.9 | 0.00 | | Mar 13, 2024 | A potential DLL hijacking vulnerability in the SanDisk PrivateAccess application for Windows that could lead to arbitrary code execution in the context of the system user. This vulnerability is only exploitable locally if an attacker has access to a copy of the user's vault or… |
| CVE-2025-57699 | | Medium | 0.44 | 6.7 | 0.00 | | Aug 22, 2025 | Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with the SYSTEM privilege. |
| CVE-2020-13799 | | Medium | 0.44 | 6.8 | 0.00 | | Nov 18, 2020 | Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. The RPMB protocol is specified by industry standards… |
| CVE-2024-22168 | | Medium | 0.38 | — | 0.00 | | Jun 24, 2024 | A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user’s… |
| CVE-2015-7709 | | | 0.09 | — | 0.79 | | Oct 5, 2015 | The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass authentication and execute arbitrary commands via a series of crafted requests involving the ARKFS_EXEC_CMD operation. |
| CVE-2022-29844 | | | 0.04 | — | 0.36 | | Jan 25, 2023 | A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write arbitrary files. This could lead to a full NAS compromise and would give remote execution capabilities to the attacker. |
| CVE-2019-16399 | | | 0.04 | — | 0.07 | | Sep 18, 2019 | Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root… |
| CVE-2014-2846 | | | 0.04 | — | 0.09 | | Apr 28, 2014 | Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute arbitrary PHP code via a ..././ (dot dot dot slash dot slash) in the lang Cookie… |
| CVE-2013-5006 | | | 0.03 | — | 0.05 | | Jul 31, 2013 | main_internet.php on the Western Digital My Net N600 and N750 with firmware 1.03.12 and 1.04.16, and the N900 and N900C with firmware 1.05.12, 1.06.18, and 1.06.28, allows remote attackers to discover the cleartext administrative password by reading the "var pass=" line within… |
| CVE-2020-27744 | | | 0.01 | — | 0.06 | | Oct 29, 2020 | An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges. |
| CVE-2020-25765 | | | 0.01 | — | 0.06 | | Oct 27, 2020 | Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input in Western Digital My Cloud Devices prior to 5.4.1140. |
| CVE-2020-27159 | | | 0.01 | — | 0.06 | | Oct 27, 2020 | Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114. |
| CVE-2020-27158 | | | 0.01 | — | 0.07 | | Oct 27, 2020 | Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114. |
| CVE-2018-18472 | | | 0.01 | — | 0.30 | | Jun 19, 2019 | Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device,… |
| CVE-2023-22819 | | | 0.00 | — | 0.01 | | Feb 5, 2024 | An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home… |
| CVE-2023-22817 | | | 0.00 | — | 0.00 | | Feb 5, 2024 | Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was… |
| CVE-2023-22815 | | | 0.00 | — | 0.01 | | Jun 30, 2023 | Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files. This vulnerability can only be exploited over the network and the attacker… |
| CVE-2023-22816 | | | 0.00 | — | 0.01 | | Jun 30, 2023 | A post-authentication remote command injection vulnerability in a CGI file in Western Digital My Cloud OS 5 devices that could allow an attacker to build files with redirects and execute larger payloads. This issue affects My Cloud OS 5 devices: before 5.26.300. |
| CVE-2022-36331 | | | 0.00 | — | 0.01 | | Jun 12, 2023 | Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data. This issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and… |
| CVE-2022-36328 | | | 0.00 | — | 0.01 | | May 18, 2023 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western… |
| CVE-2022-36327 | | | 0.00 | — | 0.01 | | May 18, 2023 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud… |
| CVE-2022-36326 | | | 0.00 | — | 0.01 | | May 18, 2023 | An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home… |
| CVE-2022-29840 | | | 0.00 | — | 0.00 | | May 10, 2023 | Server-Side Request Forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL to point back to the loopback adapter was addressed in Western Digital My Cloud OS 5 devices. This could allow the URL to exploit other vulnerabilities on the… |
| CVE-2022-29841 | | | 0.00 | — | 0.01 | | May 10, 2023 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that was caused by a command that read files from a privileged location and created a system command without sanitizing the read data. This command could be triggered by an… |
| CVE-2022-29842 | | | 0.00 | — | 0.02 | | May 10, 2023 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability that could allow an attacker to execute code in the context of the root user on a vulnerable CGI file was discovered in Western Digital My Cloud OS 5 devices. This issue affects My… |
| CVE-2022-36329 | | | 0.00 | — | 0.00 | | May 10, 2023 | An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. This issue affects My Cloud Home and My Cloud Home Duo: before… |
| CVE-2022-36330 | | | 0.00 | — | 0.01 | | May 9, 2023 | A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability… |
| CVE-2023-22813 | | | 0.00 | — | 0.00 | | May 8, 2023 | A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Android Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App.… |
| CVE-2023-22812 | | | 0.00 | — | 0.00 | | Mar 24, 2023 | SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols which are susceptible to man-in-the-middle attacks thereby compromising confidentiality and integrity of data. |
| CVE-2021-36225 | | | 0.00 | — | 0.01 | | Feb 6, 2023 | Western Digital My Cloud devices before OS5 allow REST API access by low-privileged accounts, as demonstrated by API commands for firmware uploads and installation. |
| CVE-2021-36224 | | | 0.00 | — | 0.01 | | Feb 6, 2023 | Western Digital My Cloud devices before OS5 have a nobody account with a blank password. |
| CVE-2021-36226 | | | 0.00 | — | 0.01 | | Feb 6, 2023 | Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files. |
| CVE-2022-29843 | | | 0.00 | — | 0.01 | | Jan 25, 2023 | A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to execute code in the context of the root user. |
| CVE-2022-29838 | | | 0.00 | — | 0.00 | | Dec 9, 2022 | Improper Authentication vulnerability in the encrypted volumes and auto mount features of Western Digital My Cloud devices allows insecure direct access to the drive information in the case of a device reset. This issue affects: Western Digital My Cloud My Cloud versions prior… |
| CVE-2022-29839 | | | 0.00 | — | 0.00 | | Dec 9, 2022 | Insufficiently Protected Credentials vulnerability in the remote backups application on Western Digital My Cloud devices that could allow an attacker who has gained access to a relevant endpoint to use that information to access protected data. This issue affects: Western… |
| CVE-2022-29837 | | | 0.00 | — | 0.00 | | Dec 1, 2022 | A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution. |
| CVE-2022-29836 | | | 0.00 | — | 0.00 | | Nov 9, 2022 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability was discovered via an HTTP API on Western Digital My Cloud Home; My Cloud Home Duo; and SanDisk ibi devices that could allow an attacker to abuse certain parameters to point to random… |
| CVE-2022-23006 | | | 0.00 | — | 0.00 | | Sep 27, 2022 | A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file. This vulnerability can only be exploited by chaining… |
| CVE-2022-23001 | | | 0.00 | — | 0.01 | | Jul 29, 2022 | When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user's assistance can exploit this vulnerability with only knowledge of the public key and the library.… |
| CVE-2022-22999 | | | 0.00 | — | 0.00 | | Jul 25, 2022 | Western Digital My Cloud devices are vulnerable to a cross-site scripting vulnerability that can allow a malicious user with elevated privileges access to drives being backed up to construct and inject JavaScript payloads into an authenticated user's browser. As a result, it may… |
| CVE-2022-23000 | | | 0.00 | — | 0.00 | | Jul 25, 2022 | The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an "SSL" context instead of "TLS" or specifying… |
| CVE-2022-22997 | | | 0.00 | — | 0.01 | | Jul 12, 2022 | Addressed a remote code execution vulnerability by resolving a command injection vulnerability and closing an AWS S3 bucket that potentially allowed an attacker to execute unsigned code on My Cloud Home devices. |
Page 1 of 2