Vulnerabilites related to westerndigital - my_cloud_firmware
cve-2019-9950
Vulnerability from cvelistv5
Published
2019-04-24 17:17
Modified
2024-08-04 22:10
Severity ?
Summary
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the "nobody" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ultra web page source code and obtain access to the My Cloud as a non-Admin My Cloud device user.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:08.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-174-3-26-19/235932"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.wdc.com/downloads.aspx?g=2702\u0026lang=en"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bnbdr.github.io/posts/wd/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/bnbdr/wd-rce/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the \"nobody\" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ultra web page source code and obtain access to the My Cloud as a non-Admin My Cloud device user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-28T17:38:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-174-3-26-19/235932"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.wdc.com/downloads.aspx?g=2702\u0026lang=en"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bnbdr.github.io/posts/wd/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/bnbdr/wd-rce/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-9950",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the \"nobody\" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ultra web page source code and obtain access to the My Cloud as a non-Admin My Cloud device user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-174-3-26-19/235932",
              "refsource": "CONFIRM",
              "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-174-3-26-19/235932"
            },
            {
              "name": "https://support.wdc.com/downloads.aspx?g=2702\u0026lang=en",
              "refsource": "CONFIRM",
              "url": "https://support.wdc.com/downloads.aspx?g=2702\u0026lang=en"
            },
            {
              "name": "https://bnbdr.github.io/posts/wd/",
              "refsource": "MISC",
              "url": "https://bnbdr.github.io/posts/wd/"
            },
            {
              "name": "https://github.com/bnbdr/wd-rce/",
              "refsource": "MISC",
              "url": "https://github.com/bnbdr/wd-rce/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-9950",
    "datePublished": "2019-04-24T17:17:57",
    "dateReserved": "2019-03-23T00:00:00",
    "dateUpdated": "2024-08-04T22:10:08.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-23000
Vulnerability from cvelistv5
Published
2022-07-25 18:46
Modified
2024-08-03 03:28
Summary
The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an "SSL" context instead of "TLS" or specifying stronger validation, deprecated or insecure protocols are permitted. As a result, a local user with no privileges can exploit this vulnerability and jeopardize the integrity, confidentiality and authenticity of information transmitted. The scope of impact cannot extend to other components and no user input is required to exploit this vulnerability.
Impacted products
Vendor Product Version
Western Digital My Cloud Version: My Cloud OS 5   < 5.23.114
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:28:43.001Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/product-security/wdc-22011-my-cloud-firmware-version-5-23-114"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Linux"
          ],
          "product": "My Cloud",
          "vendor": "Western Digital",
          "versions": [
            {
              "lessThan": "5.23.114",
              "status": "affected",
              "version": "My Cloud OS 5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an \"SSL\" context instead of \"TLS\" or specifying stronger validation, deprecated or insecure protocols are permitted. As a result, a local user with no privileges can exploit this vulnerability and jeopardize the integrity, confidentiality and authenticity of information transmitted. The scope of impact cannot extend to other components and no user input is required to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-757",
              "description": "CWE-757 Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-25T18:46:02",
        "orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
        "shortName": "WDC PSIRT"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.westerndigital.com/support/product-security/wdc-22011-my-cloud-firmware-version-5-23-114"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Weak Default SSL use in Port Forwarding Service",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@wdc.com",
          "ID": "CVE-2022-23000",
          "STATE": "PUBLIC",
          "TITLE": "Weak Default SSL use in Port Forwarding Service"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "My Cloud",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Linux",
                            "version_affected": "\u003c",
                            "version_name": "My Cloud OS 5",
                            "version_value": "5.23.114"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Western Digital"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an \"SSL\" context instead of \"TLS\" or specifying stronger validation, deprecated or insecure protocols are permitted. As a result, a local user with no privileges can exploit this vulnerability and jeopardize the integrity, confidentiality and authenticity of information transmitted. The scope of impact cannot extend to other components and no user input is required to exploit this vulnerability."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-757 Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.westerndigital.com/support/product-security/wdc-22011-my-cloud-firmware-version-5-23-114",
              "refsource": "MISC",
              "url": "https://www.westerndigital.com/support/product-security/wdc-22011-my-cloud-firmware-version-5-23-114"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification."
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
    "assignerShortName": "WDC PSIRT",
    "cveId": "CVE-2022-23000",
    "datePublished": "2022-07-25T18:46:02",
    "dateReserved": "2022-01-10T00:00:00",
    "dateUpdated": "2024-08-03T03:28:43.001Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-36331
Vulnerability from cvelistv5
Published
2023-06-12 17:57
Modified
2025-01-03 14:48
Severity ?
Summary
Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data. This issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:00:04.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://https://www.westerndigital.com/support/product-security/wdc-22020-my-cloud-os-5-my-cloud-home-ibi-firmware-update"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-36331",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-03T14:47:57.847828Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-03T14:48:13.386Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "My Cloud OS 5",
          "vendor": "Western Digital",
          "versions": [
            {
              "lessThan": "5.25.132",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "My Cloud Home and My Cloud Home Duo",
          "vendor": "Western Digital",
          "versions": [
            {
              "lessThan": " 8.13.1-102",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "ibi",
          "vendor": "SanDisk",
          "versions": [
            {
              "lessThan": " 8.13.1-102",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Claroty Research, Team82 \u2013 Vera Mens, Noam Moshe, Uri Katz and Sharon Brizinov working with Trend Micro\u2019s Zero Day Initiative"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestern Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eThis issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102.\u003c/p\u003e"
            }
          ],
          "value": "Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data.\nThis issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "CWE-290 Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-12T17:57:51.994Z",
        "orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
        "shortName": "WDC PSIRT"
      },
      "references": [
        {
          "url": "https://https://www.westerndigital.com/support/product-security/wdc-22020-my-cloud-os-5-my-cloud-home-ibi-firmware-update"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAll My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices have been or will be automatically updated to the latest firmware version. Cloud access will not be available until your My Cloud Home/My Cloud Home Duo/SanDisk ibi device has been updated to firmware version 8.13.1-102 or above. Please refer to this \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support-en.wd.com/app/answers/detailweb/a_id/50563\"\u003eKBA\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eUsers of other My Cloud devices should promptly update to the latest firmware by clicking the firmware update notification to receive the latest security fixes. Cloud access will not be available until your My Cloud device has been updated to firmware version 5.25.132 or above. Please refer to this \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support-en.wd.com/app/answers/detailweb/a_id/50564\"\u003eKBA\u003c/a\u003e.\u003c/p\u003e"
            }
          ],
          "value": "All My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices have been or will be automatically updated to the latest firmware version. Cloud access will not be available until your My Cloud Home/My Cloud Home Duo/SanDisk ibi device has been updated to firmware version 8.13.1-102 or above. Please refer to this  KBA https://support-en.wd.com/app/answers/detailweb/a_id/50563 .\n\nUsers of other My Cloud devices should promptly update to the latest firmware by clicking the firmware update notification to receive the latest security fixes. Cloud access will not be available until your My Cloud device has been updated to firmware version 5.25.132 or above. Please refer to this  KBA https://support-en.wd.com/app/answers/detailweb/a_id/50564 .\n\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Impersonation attack causing an Authentication Bypass on Western Digital devices",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
    "assignerShortName": "WDC PSIRT",
    "cveId": "CVE-2022-36331",
    "datePublished": "2023-06-12T17:57:51.994Z",
    "dateReserved": "2022-07-20T13:57:56.405Z",
    "dateUpdated": "2025-01-03T14:48:13.386Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-22995
Vulnerability from cvelistv5
Published
2022-03-25 00:00
Modified
2024-08-03 03:28
Severity ?
Summary
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code.
Impacted products
Vendor Product Version
Western Digital My Cloud Version: My Cloud OS 5   < 5.19.117
Create a notification for this product.
   Western Digital My Cloud Home Version: My Cloud Home   < 7.16-220
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:28:42.925Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities"
          },
          {
            "name": "FEDORA-2023-cec97f7b5d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/"
          },
          {
            "name": "FEDORA-2023-ef901c862c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/"
          },
          {
            "name": "GLSA-202311-02",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202311-02"
          },
          {
            "name": "FEDORA-2023-39f0ec3879",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/"
          },
          {
            "name": "[debian-lts-announce] 20240104 [SECURITY] [DLA 3706-1] netatalk security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Linux"
          ],
          "product": "My Cloud",
          "vendor": "Western Digital",
          "versions": [
            {
              "lessThan": " 5.19.117",
              "status": "affected",
              "version": "My Cloud OS 5",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "Android "
          ],
          "product": "My Cloud Home",
          "vendor": "Western Digital",
          "versions": [
            {
              "lessThan": " 7.16-220",
              "status": "affected",
              "version": "My Cloud Home",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Corentin BAYET (@OnlyTheDuck), Etienne HELLUY-LAFONT and Luca MORO (@johncool__) from Synacktiv working with Trend Micro\u2019s Zero Day Initiative"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-04T22:06:13.592937",
        "orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
        "shortName": "WDC PSIRT"
      },
      "references": [
        {
          "url": "https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities"
        },
        {
          "name": "FEDORA-2023-cec97f7b5d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/"
        },
        {
          "name": "FEDORA-2023-ef901c862c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/"
        },
        {
          "name": "GLSA-202311-02",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202311-02"
        },
        {
          "name": "FEDORA-2023-39f0ec3879",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/"
        },
        {
          "name": "[debian-lts-announce] 20240104 [SECURITY] [DLA 3706-1] netatalk security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Western Digital My Cloud OS 5 and My Cloud Home Unauthenticated Arbitrary File Write Vulnerability in Netatalk",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
    "assignerShortName": "WDC PSIRT",
    "cveId": "CVE-2022-22995",
    "datePublished": "2022-03-25T00:00:00",
    "dateReserved": "2022-01-10T00:00:00",
    "dateUpdated": "2024-08-03T03:28:42.925Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-9148
Vulnerability from cvelistv5
Published
2018-03-30 19:00
Modified
2024-08-05 07:17
Severity ?
Summary
Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud.
References
https://exploit-db.com/exploits/44350/exploit, x_refsource_EXPLOIT-DB
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:17:51.193Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "44350",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://exploit-db.com/exploits/44350/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-03-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-30T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "44350",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://exploit-db.com/exploits/44350/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-9148",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "44350",
              "refsource": "EXPLOIT-DB",
              "url": "https://exploit-db.com/exploits/44350/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-9148",
    "datePublished": "2018-03-30T19:00:00",
    "dateReserved": "2018-03-30T00:00:00",
    "dateUpdated": "2024-08-05T07:17:51.193Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27158
Vulnerability from cvelistv5
Published
2020-10-27 19:46
Modified
2024-08-04 16:11
Severity ?
Summary
Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:11:35.736Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-16T20:42:49",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-27158",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.westerndigital.com/support/productsecurity",
              "refsource": "MISC",
              "url": "https://www.westerndigital.com/support/productsecurity"
            },
            {
              "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114",
              "refsource": "CONFIRM",
              "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
            },
            {
              "name": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/",
              "refsource": "MISC",
              "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-27158",
    "datePublished": "2020-10-27T19:46:01",
    "dateReserved": "2020-10-15T00:00:00",
    "dateUpdated": "2024-08-04T16:11:35.736Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27744
Vulnerability from cvelistv5
Published
2020-10-29 16:14
Modified
2024-08-04 16:18
Severity ?
Summary
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.719Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-16T20:45:50",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-27744",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114",
              "refsource": "MISC",
              "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
            },
            {
              "name": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/",
              "refsource": "MISC",
              "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-27744",
    "datePublished": "2020-10-29T16:14:43",
    "dateReserved": "2020-10-27T00:00:00",
    "dateUpdated": "2024-08-04T16:18:45.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-12830
Vulnerability from cvelistv5
Published
2020-10-27 19:32
Modified
2024-08-04 12:04
Severity ?
Summary
Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:04:22.889Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-27T19:32:52",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-12830",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en",
              "refsource": "MISC",
              "url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
            },
            {
              "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114",
              "refsource": "CONFIRM",
              "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-12830",
    "datePublished": "2020-10-27T19:32:52",
    "dateReserved": "2020-05-13T00:00:00",
    "dateUpdated": "2024-08-04T12:04:22.889Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27159
Vulnerability from cvelistv5
Published
2020-10-27 19:51
Modified
2024-08-04 16:11
Severity ?
Summary
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:11:35.687Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-16T20:43:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-27159",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.westerndigital.com/support/productsecurity",
              "refsource": "MISC",
              "url": "https://www.westerndigital.com/support/productsecurity"
            },
            {
              "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114",
              "refsource": "CONFIRM",
              "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
            },
            {
              "name": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/",
              "refsource": "MISC",
              "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-27159",
    "datePublished": "2020-10-27T19:51:06",
    "dateReserved": "2020-10-15T00:00:00",
    "dateUpdated": "2024-08-04T16:11:35.687Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-9949
Vulnerability from cvelistv5
Published
2019-05-23 13:22
Modified
2024-08-04 22:10
Severity ?
Summary
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other commands might also be susceptible. Code can be executed because the "name" parameter passed to the cgi_unzip command is not sanitized.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:10:08.808Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-183-05-20-2019/237717"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bnbdr.github.io/posts/wd/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/bnbdr/wd-rce/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-05-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the \"cgi_untar\" command. Other commands might also be susceptible. Code can be executed because the \"name\" parameter passed to the cgi_unzip command is not sanitized."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-28T17:35:59",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-183-05-20-2019/237717"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bnbdr.github.io/posts/wd/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/bnbdr/wd-rce/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-9949",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the \"cgi_untar\" command. Other commands might also be susceptible. Code can be executed because the \"name\" parameter passed to the cgi_unzip command is not sanitized."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-183-05-20-2019/237717",
              "refsource": "CONFIRM",
              "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-183-05-20-2019/237717"
            },
            {
              "name": "https://bnbdr.github.io/posts/wd/",
              "refsource": "MISC",
              "url": "https://bnbdr.github.io/posts/wd/"
            },
            {
              "name": "https://github.com/bnbdr/wd-rce/",
              "refsource": "MISC",
              "url": "https://github.com/bnbdr/wd-rce/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-9949",
    "datePublished": "2019-05-23T13:22:27",
    "dateReserved": "2019-03-23T00:00:00",
    "dateUpdated": "2024-08-04T22:10:08.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-27160
Vulnerability from cvelistv5
Published
2020-10-27 19:41
Modified
2024-08-04 16:11
Severity ?
Summary
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3).
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:11:35.726Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-16T20:45:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-27160",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.westerndigital.com/support/productsecurity",
              "refsource": "MISC",
              "url": "https://www.westerndigital.com/support/productsecurity"
            },
            {
              "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114",
              "refsource": "CONFIRM",
              "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
            },
            {
              "name": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/",
              "refsource": "MISC",
              "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-27160",
    "datePublished": "2020-10-27T19:41:01",
    "dateReserved": "2020-10-15T00:00:00",
    "dateUpdated": "2024-08-04T16:11:35.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-25765
Vulnerability from cvelistv5
Published
2020-10-27 20:00
Modified
2024-08-04 15:40
Severity ?
Summary
Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:40:36.883Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-16T20:42:12",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-25765",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.westerndigital.com/support/productsecurity",
              "refsource": "MISC",
              "url": "https://www.westerndigital.com/support/productsecurity"
            },
            {
              "name": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114",
              "refsource": "CONFIRM",
              "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
            },
            {
              "name": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/",
              "refsource": "MISC",
              "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-25765",
    "datePublished": "2020-10-27T20:00:54",
    "dateReserved": "2020-09-18T00:00:00",
    "dateUpdated": "2024-08-04T15:40:36.883Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2023-06-12 18:15
Modified
2024-11-21 07:12
Summary
Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data. This issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B66F84E3-4B1F-4359-9CB9-C4DA88012CBC",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41816E5B-6A6F-47AF-8EB3-065CEAE2F905",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B95A4FC-8694-42CA-8F12-0EB42A596B2C",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CF78188-7B7B-4672-8553-34616F21E740",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A581EBA-A1F2-4ABC-8183-29973A46FA43",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_mirror_g2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BDE1153-A1A1-495C-BADA-409721BBC3F3",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_g2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DE090BC-C847-4DF7-9C5F-52A300845558",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AE31BDF-EF2A-4A9F-AFEA-EDA4125598D4",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E783EBC-7608-4527-B1AD-9B4E7A7A108C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9AC1B82-BDCC-42F6-AFCF-BDC036EDBA23",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3034F4A-239C-4E38-9BD6-217361A7C519",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71600FC4-BF21-4BA4-BC67-DC9EA43920DC",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABBBDC1E-2320-4767-B669-1BB2FFB1E1C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_home_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E0D7EFC-04BD-467F-89A8-50A5E6541F75",
              "versionEndExcluding": "8.13.1-102",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_home:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BE2FBAB-5BA0-4F09-A76E-4A6869668810",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_home_duo_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19584F79-F6AD-4348-A420-D6D7634C678B",
              "versionEndExcluding": "8.13.1-102",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_home_duo:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "124BBC79-65A2-465C-B784-D21E57E96F63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:sandisk_ibi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "470DB475-1C91-43F7-A0E1-0B38FEC6AAA3",
              "versionEndExcluding": "8.13.1-102",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:sandisk_ibi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "296ADA43-16BA-4444-B472-DB945FB917B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB0CF5DA-8CEC-4E0C-864F-D18B79F92E0F",
              "versionEndExcluding": "5.25.132",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9EE86B-05EE-4F2E-A912-624DDCF9C41B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data.\nThis issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102.\n\n"
    }
  ],
  "id": "CVE-2022-36331",
  "lastModified": "2024-11-21T07:12:48.703",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "psirt@wdc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-12T18:15:09.747",
  "references": [
    {
      "source": "psirt@wdc.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://https://www.westerndigital.com/support/product-security/wdc-22020-my-cloud-os-5-my-cloud-home-ibi-firmware-update"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/product-security/wdc-22020-my-cloud-os-5-my-cloud-home-ibi-firmware-update"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://https://www.westerndigital.com/support/product-security/wdc-22020-my-cloud-os-5-my-cloud-home-ibi-firmware-update"
    }
  ],
  "sourceIdentifier": "psirt@wdc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@wdc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-03-30 19:29
Modified
2024-11-21 04:15
Severity ?
Summary
Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud.
References
cve@mitre.orghttps://exploit-db.com/exploits/44350/Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://exploit-db.com/exploits/44350/Exploit, Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
westerndigital my_cloud_firmware 04.05.00-320
westerndigital my_cloud -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:04.05.00-320:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D9AD8B-B95B-48DE-8820-51A0EC427671",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9EE86B-05EE-4F2E-A912-624DDCF9C41B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud."
    },
    {
      "lang": "es",
      "value": "Los dispositivos Western Digital WD My Cloud v04.05.00-320 incrustan el token de sesi\u00f3n (tambi\u00e9n conocido como PHPSESSID) en los nombres de los archivos, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes omitir la autenticaci\u00f3n al listar un directorio. NOTA: esto se puede explotar junto con CVE-2018-7171 para omitir la autenticaci\u00f3n remota en un producto que utiliza My Cloud."
    }
  ],
  "id": "CVE-2018-9148",
  "lastModified": "2024-11-21T04:15:04.677",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-30T19:29:00.397",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exploit-db.com/exploits/44350/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exploit-db.com/exploits/44350/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-03-25 23:15
Modified
2024-11-21 06:47
Summary
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code.
References
psirt@wdc.comhttps://lists.debian.org/debian-lts-announce/2024/01/msg00000.html
psirt@wdc.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/Mailing List
psirt@wdc.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/Mailing List
psirt@wdc.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/Mailing List
psirt@wdc.comhttps://security.gentoo.org/glsa/202311-02Issue Tracking, Third Party Advisory
psirt@wdc.comhttps://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilitiesVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/Mailing List
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/Mailing List
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/Mailing List
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202311-02Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilitiesVendor Advisory



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8383E9FC-13FD-4A17-8B66-EEB8B6149BDC",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB009E7E-7622-4ECC-92A1-0A243231FD07",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8798DF-7A77-41A0-85A2-0A5A4B6989A9",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0BF3DA8-8B6E-4653-80EF-BC720EF07C93",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A581EBA-A1F2-4ABC-8183-29973A46FA43",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_mirror_gen_2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52993B07-DA31-4B5E-BF48-58365B17B4F4",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5695E842-1561-4A4F-901F-6EC07F558989",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D91194-446C-4589-BBD2-3DDB5168F428",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E783EBC-7608-4527-B1AD-9B4E7A7A108C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25D4325A-499E-4EE9-BF9A-F9023F40C5E1",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3034F4A-239C-4E38-9BD6-217361A7C519",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38C7A235-CB9B-4B57-9EBA-6512A20A8AB7",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABBBDC1E-2320-4767-B669-1BB2FFB1E1C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "716C7564-7342-4D77-9936-0D49A9B76358",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9EE86B-05EE-4F2E-A912-624DDCF9C41B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:wd_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400B0EA3-FD94-414B-882A-7D3DEDF03305",
              "versionEndExcluding": "5.19.117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FDE0337-4329-4CE3-9B0B-61BE8361E910",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_home_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D002E37F-1CFF-47CC-BAB6-67725A70D20A",
              "versionEndExcluding": "7.16-220",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_home:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BE2FBAB-5BA0-4F09-A76E-4A6869668810",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B3B3806-09AC-4151-9138-19276A22C961",
              "versionEndExcluding": "3.1.18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "La combinaci\u00f3n de primitivas que ofrecen SMB y AFP en su configuraci\u00f3n por defecto permite la escritura arbitraria de archivos. Al explotar esta combinaci\u00f3n de primitivas, un atacante puede ejecutar c\u00f3digo arbitrario"
    }
  ],
  "id": "CVE-2022-22995",
  "lastModified": "2024-11-21T06:47:46.037",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 10.0,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.0,
        "source": "psirt@wdc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-03-25T23:15:08.410",
  "references": [
    {
      "source": "psirt@wdc.com",
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html"
    },
    {
      "source": "psirt@wdc.com",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/"
    },
    {
      "source": "psirt@wdc.com",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/"
    },
    {
      "source": "psirt@wdc.com",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/"
    },
    {
      "source": "psirt@wdc.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202311-02"
    },
    {
      "source": "psirt@wdc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/55ROUJI22SHZX5EM23QAILZHI67EZQKW/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202311-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities"
    }
  ],
  "sourceIdentifier": "psirt@wdc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "psirt@wdc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-07-25 19:15
Modified
2024-11-21 06:47
Summary
The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an "SSL" context instead of "TLS" or specifying stronger validation, deprecated or insecure protocols are permitted. As a result, a local user with no privileges can exploit this vulnerability and jeopardize the integrity, confidentiality and authenticity of information transmitted. The scope of impact cannot extend to other components and no user input is required to exploit this vulnerability.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20F89970-BE6B-4D54-B507-DBC44B1FD14F",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB474374-298B-4A60-AB5C-C7422EF7FB57",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB3A72C6-7461-4916-B443-C3332AC458C1",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69DC6E33-18F7-45D7-9169-FA8888E74A7B",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A581EBA-A1F2-4ABC-8183-29973A46FA43",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_mirror_g2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9226338-8147-4C13-8556-BA5FA55FDD26",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_g2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DE090BC-C847-4DF7-9C5F-52A300845558",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE68BF0-E806-40BB-862F-C440CA151A73",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E783EBC-7608-4527-B1AD-9B4E7A7A108C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EB1A9E9-1DC9-40F9-8606-D5BAC39FB651",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3034F4A-239C-4E38-9BD6-217361A7C519",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "17E97D4A-8015-4FEB-8450-ED8C70D4E702",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABBBDC1E-2320-4767-B669-1BB2FFB1E1C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA960F88-8DB3-4A9C-9303-51ED5FAF1A7A",
              "versionEndExcluding": "5.23.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9EE86B-05EE-4F2E-A912-624DDCF9C41B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to maintain compatibility with old or outdated home routers. By using an \"SSL\" context instead of \"TLS\" or specifying stronger validation, deprecated or insecure protocols are permitted. As a result, a local user with no privileges can exploit this vulnerability and jeopardize the integrity, confidentiality and authenticity of information transmitted. The scope of impact cannot extend to other components and no user input is required to exploit this vulnerability."
    },
    {
      "lang": "es",
      "value": "La aplicaci\u00f3n web Western Digital My Cloud [https://os5.mycloud.com/] usa un SSLContext d\u00e9bil cuando intenta configurar reglas de reenv\u00edo de puertos. Esto fue habilitado para mantener la compatibilidad con routers dom\u00e9sticos antiguos o anticuados. Al usar un contexto \"SSL\" en lugar de \"TLS\" o especificar una comprobaci\u00f3n m\u00e1s fuerte, son permitidos protocolos obsoletos o no seguros. Como resultado, un usuario local no privilegiado puede explotar esta vulnerabilidad y poner en peligro la integridad, confidencialidad y autenticidad de la informaci\u00f3n transmitida. El alcance del impacto no puede extenderse a otros componentes y no es requerida ninguna entrada del usuario para explotar esta vulnerabilidad"
    }
  ],
  "id": "CVE-2022-23000",
  "lastModified": "2024-11-21T06:47:46.717",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 4.7,
        "source": "psirt@wdc.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-07-25T19:15:30.787",
  "references": [
    {
      "source": "psirt@wdc.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/product-security/wdc-22011-my-cloud-firmware-version-5-23-114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/product-security/wdc-22011-my-cloud-firmware-version-5-23-114"
    }
  ],
  "sourceIdentifier": "psirt@wdc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-757"
        }
      ],
      "source": "psirt@wdc.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-05-23 14:29
Modified
2024-11-21 04:52
Summary
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other commands might also be susceptible. Code can be executed because the "name" parameter passed to the cgi_unzip command is not sanitized.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "714E5757-A95F-4DDA-AC1A-DCF1B20768FF",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9EE86B-05EE-4F2E-A912-624DDCF9C41B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_mirror_gen2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDE3883-5632-402E-B947-9BD0B7A67BDC",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC3A412B-F905-4FBC-8536-820AF5162A08",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9EAF1C1-12EC-4371-95C7-E47198CD03B9",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A581EBA-A1F2-4ABC-8183-29973A46FA43",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54F52366-4371-430C-BC7A-D471457F7A08",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABBBDC1E-2320-4767-B669-1BB2FFB1E1C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD78AD7F-716A-4E59-A6F0-715D10D56131",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FEBF873-C17B-492B-881F-A06B98232F28",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E783EBC-7608-4527-B1AD-9B4E7A7A108C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E842104F-6A82-4CD9-A28D-9AC99CCC19E2",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3034F4A-239C-4E38-9BD6-217361A7C519",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA43057-A100-4E60-8F77-50ADD6673A97",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9771E7E5-7F75-4CBB-A100-7178A786A365",
              "versionEndExcluding": "2.31.183",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the \"cgi_untar\" command. Other commands might also be susceptible. Code can be executed because the \"name\" parameter passed to the cgi_unzip command is not sanitized."
    },
    {
      "lang": "es",
      "value": "Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 y PR4100 antes del firmware versi\u00f3n 2.31.183 se ven afectados por una ejecuci\u00f3n de c\u00f3digo (as root, starting from a low-privilege user session). El archivo cgi-bin/webfile_mgr.cgi permite la escritura arbitraria de archivos al abusar de los symlinks. Espec\u00edficamente, esto ocurre al cargar un archivo \"tar\" que contiene un enlace simb\u00f3lico, y despu\u00e9s cargar otro archivo que escribe un archivo en el enlace usando el comando \"cgi_untar\". Otros comandos tambi\u00e9n pueden ser susceptibles. El c\u00f3digo puede ser ejecutado porque el par\u00e1metro \"nombre\" pas\u00f3 hacia el comando cgi_unzip sin estar saneado."
    }
  ],
  "id": "CVE-2019-9949",
  "lastModified": "2024-11-21T04:52:39.470",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-23T14:29:08.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://bnbdr.github.io/posts/wd/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-183-05-20-2019/237717"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/bnbdr/wd-rce/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://bnbdr.github.io/posts/wd/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-183-05-20-2019/237717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/bnbdr/wd-rce/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-10-27 20:15
Modified
2024-11-21 05:20
Severity ?
Summary
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3).



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A91F2BA-EC12-4060-A0A5-9E4EB6238036",
              "versionEndExcluding": "5.04.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_expert_series_ex2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1351BC5-FF95-4041-8D4A-F6975AEE84A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_-_gen_2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70F1252-64C8-4174-9D61-957D1D52FE6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3)."
    },
    {
      "lang": "es",
      "value": "Se abord\u00f3 una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el archivo AvailableApps.php, que permit\u00eda una escalada de privilegios en dispositivos NAS Western Digital My Cloud versiones anteriores a 5.04.114 (n\u00famero 3 de 3)"
    }
  ],
  "id": "CVE-2020-27160",
  "lastModified": "2024-11-21T05:20:48.323",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-27T20:15:22.190",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-10-29 17:15
Modified
2024-11-21 05:21
Severity ?
Summary
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A91F2BA-EC12-4060-A0A5-9E4EB6238036",
              "versionEndExcluding": "5.04.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A581EBA-A1F2-4ABC-8183-29973A46FA43",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC3A412B-F905-4FBC-8536-820AF5162A08",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 un problema en los dispositivos NAS de Western Digital My Cloud versiones anteriores a 5.04.114.\u0026#xa0;Permiten una ejecuci\u00f3n de c\u00f3digo remota con  una escalada de privilegios resultante"
    }
  ],
  "id": "CVE-2020-27744",
  "lastModified": "2024-11-21T05:21:44.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-29T17:15:12.903",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-10-27 20:15
Modified
2024-11-21 05:00
Severity ?
Summary
Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A91F2BA-EC12-4060-A0A5-9E4EB6238036",
              "versionEndExcluding": "5.04.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_expert_series_ex2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1351BC5-FF95-4041-8D4A-F6975AEE84A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_-_gen_2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70F1252-64C8-4174-9D61-957D1D52FE6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114."
    },
    {
      "lang": "es",
      "value": "Se abordaron m\u00faltiples vulnerabilidades de desbordamiento del b\u00fafer de pila que podr\u00edan permitir a un atacante llevar a cabo una escalada de privilegios por medio de una ejecuci\u00f3n de c\u00f3digo remota no autorizada en dispositivos Western Digital My Cloud versiones anteriores a 5.04.114"
    }
  ],
  "id": "CVE-2020-12830",
  "lastModified": "2024-11-21T05:00:21.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-27T20:15:21.533",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-10-27 20:15
Modified
2024-11-21 05:20
Severity ?
Summary
Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A91F2BA-EC12-4060-A0A5-9E4EB6238036",
              "versionEndExcluding": "5.04.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_expert_series_ex2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1351BC5-FF95-4041-8D4A-F6975AEE84A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_-_gen_2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70F1252-64C8-4174-9D61-957D1D52FE6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114."
    },
    {
      "lang": "es",
      "value": "Se abord\u00f3 una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el archivo cgi_api.php, que permit\u00eda una escalada de privilegios en dispositivos NAS de Western Digital My Cloud versiones anteriores a 5.04.114"
    }
  ],
  "id": "CVE-2020-27158",
  "lastModified": "2024-11-21T05:20:48.067",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-27T20:15:22.033",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-10-27 20:15
Modified
2024-11-21 05:18
Severity ?
Summary
Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A91F2BA-EC12-4060-A0A5-9E4EB6238036",
              "versionEndExcluding": "5.04.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_expert_series_ex2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1351BC5-FF95-4041-8D4A-F6975AEE84A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_-_gen_2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70F1252-64C8-4174-9D61-957D1D52FE6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140."
    },
    {
      "lang": "es",
      "value": "Se abord\u00f3 una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el archivo reg_device.php debido a una comprobaci\u00f3n insuficiente de entrada del usuario en los dispositivos Western Digital My Cloud versiones anteriores a 5.4.1140"
    }
  ],
  "id": "CVE-2020-25765",
  "lastModified": "2024-11-21T05:18:42.433",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-27T20:15:21.970",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-10-27 20:15
Modified
2024-11-21 05:20
Severity ?
Summary
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A91F2BA-EC12-4060-A0A5-9E4EB6238036",
              "versionEndExcluding": "5.04.114",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_expert_series_ex2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1351BC5-FF95-4041-8D4A-F6975AEE84A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_-_gen_2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C70F1252-64C8-4174-9D61-957D1D52FE6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114"
    },
    {
      "lang": "es",
      "value": "Se abord\u00f3 una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el archivo DsdkProxy.php, debido a un saneamiento insuficiente y una comprobaci\u00f3n insuficiente de entrada del usuario en los dispositivos NAS Western Digital My Cloud versiones anteriores a 5.04.114"
    }
  ],
  "id": "CVE-2020-27159",
  "lastModified": "2024-11-21T05:20:48.197",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-10-27T20:15:22.110",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.comparitech.com/blog/information-security/security-vulnerabilities-80000-devices-update-now/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.westerndigital.com/support/productsecurity/wdc-20007-my-cloud-firmware-version-5-04-114"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-04-24 18:29
Modified
2024-11-21 04:52
Severity ?
Summary
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the "nobody" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ultra web page source code and obtain access to the My Cloud as a non-Admin My Cloud device user.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B728EC5-A2EF-45CF-A161-A9D0091CD4CF",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A9EE86B-05EE-4F2E-A912-624DDCF9C41B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_mirror_gen2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA1EBC48-CFA8-40F6-9C29-F4B317D96D83",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC3A412B-F905-4FBC-8536-820AF5162A08",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A910B29-7691-400C-8AFD-F7D11FB4D7D9",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A581EBA-A1F2-4ABC-8183-29973A46FA43",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0BF9CA3-79E8-4AF1-BCF2-52AFD14CE32B",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABBBDC1E-2320-4767-B669-1BB2FFB1E1C4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B51F996-016C-4361-A9CC-D1A5301408D1",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B78030F0-6655-4604-9D16-2FA1F3FD52FF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFB62D6-3ADB-49DC-BD9C-6CA717150681",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E783EBC-7608-4527-B1AD-9B4E7A7A108C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BCA9265-C4C9-47F9-99A4-D4E259652995",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3034F4A-239C-4E38-9BD6-217361A7C519",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "850F34E6-D550-4BD3-A330-3827081956EB",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF58260B-2131-402C-A9DA-67B188136DE1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "873ACDFD-112B-4E8F-ADE3-1E782C55D4BC",
              "versionEndExcluding": "2.31.174",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0C2FD9-4792-4DA2-9698-E53109A499EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the \"nobody\" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ultra web page source code and obtain access to the My Cloud as a non-Admin My Cloud device user."
    },
    {
      "lang": "es",
      "value": "My Digital, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 y My Cloud PR4100 firmware anterior a 2.31.174, se ve impactado por una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n . El archivo login_mgr.cgi verifica las credenciales contra /etc/shadow. Sin embargo, la cuenta de \"nobody\" (que se puede usar para acceder a la API del panel de control como un usuario con pocos privilegios de acceso) tiene una contrase\u00f1a vac\u00eda por defecto, lo que permite a un atacante alterar el c\u00f3digo fuente de la p\u00e1gina web My Cloud EX2 Ultra y conseguir acceso a My Cloud como usuario no administrador de My Cloud."
    }
  ],
  "id": "CVE-2019-9950",
  "lastModified": "2024-11-21T04:52:39.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-24T18:29:01.793",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://bnbdr.github.io/posts/wd/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-174-3-26-19/235932"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://github.com/bnbdr/wd-rce/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.wdc.com/downloads.aspx?g=2702\u0026lang=en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bnbdr.github.io/posts/wd/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-174-3-26-19/235932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/bnbdr/wd-rce/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.wdc.com/downloads.aspx?g=2702\u0026lang=en"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-521"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}