Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability that could allow an attacker to execute code in the context of the root user on a vulnerable CGI file was discovered in Western Digital My Cloud OS 5 devicesThis issue affects My Cloud OS 5: before 5.26.119.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWesterndigital My Cloud
HWWesterndigitalwszystkie wersjeWesterndigital My Cloud Dl2100
HWWesterndigitalwszystkie wersjeWesterndigital My Cloud Dl4100
HWWesterndigitalwszystkie wersjeWesterndigital My Cloud Ex2100
HWWesterndigitalwszystkie wersjeWesterndigital My Cloud Ex2 Ultra
HWWesterndigitalwszystkie wersjeWesterndigital My Cloud Ex4100
HWWesterndigitalwszystkie wersjeWesterndigital My Cloud Mirror G2
HWWesterndigitalwszystkie wersjeWesterndigital My Cloud Os
OSWesterndigital5.02.104 – 5.26.119 (bez)Westerndigital My Cloud Pr2100
HWWesterndigitalwszystkie wersjeWesterndigital My Cloud Pr4100
HWWesterndigitalwszystkie wersjeWesterndigital Wd Cloud
HWWesterndigitalwszystkie wersje
Powiązane podatności
An authentication bypass issue via spoofing was discovered in the token-based authentication mechanism that co...
Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impe...
Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files.
Western Digital My Cloud devices before OS5 have a nobody account with a blank password.
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writi...