Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
westerndigital vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv2
CVE-2020-29654
Western Digital Dashboard prior to 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account.
Westerndigital Dashboard
7.5
CVSSv2
CVE-2020-28940
On Western Digital My Cloud OS 5 devices prior to 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device.
Westerndigital My Cloud Os 5
7.5
CVSSv2
CVE-2020-28970
An issue exists on Western Digital My Cloud OS 5 devices prior to 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie. (In addition, an upload endpoint could then be used by an aut...
Westerndigital My Cloud Os 5
7.5
CVSSv2
CVE-2020-28971
An issue exists on Western Digital My Cloud OS 5 devices prior to 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie, because of insufficient validation of URI paths.
Westerndigital My Cloud Os 5
10
CVSSv2
CVE-2020-27744
An issue exists on Western Digital My Cloud NAS devices prior to 5.04.114. They allow remote code execution with resultant escalation of privileges.
Westerndigital My Cloud Firmware
7.5
CVSSv2
CVE-2020-12830
Addressed multiple stack buffer overflow vulnerabilities that could allow an malicious user to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices prior to 5.04.114.
Westerndigital My Cloud Firmware
10
CVSSv2
CVE-2020-25765
Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices before 5.4.1140.
Westerndigital My Cloud Firmware
10
CVSSv2
CVE-2020-27159
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices before 5.04.114
Westerndigital My Cloud Firmware
10
CVSSv2
CVE-2020-27158
Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices before 5.04.114.
Westerndigital My Cloud Firmware
7.5
CVSSv2
CVE-2020-27160
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices before 5.04.114 (issue 3 of 3).
Westerndigital My Cloud Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »