Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
westerndigital my cloud firmware vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2017-17560
An issue exists on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device...
Westerndigital My Cloud Pr4100 Firmware 2.30.172
1 EDB exploit
890
VMScore
CVE-2020-27744
An issue exists on Western Digital My Cloud NAS devices prior to 5.04.114. They allow remote code execution with resultant escalation of privileges.
Westerndigital My Cloud Firmware
890
VMScore
CVE-2020-25765
Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices before 5.4.1140.
Westerndigital My Cloud Firmware
890
VMScore
CVE-2020-27158
Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices before 5.04.114.
Westerndigital My Cloud Firmware
890
VMScore
CVE-2020-27159
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices before 5.04.114
Westerndigital My Cloud Firmware
801
VMScore
CVE-2019-9949
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitra...
Westerndigital My Cloud Firmware
Westerndigital My Cloud Mirror Gen2 Firmware
Westerndigital My Cloud Ex2 Ultra Firmware
Westerndigital My Cloud Ex2100 Firmware
Westerndigital My Cloud Ex4100 Firmware
Westerndigital My Cloud Dl2100 Firmware
Westerndigital My Cloud Dl4100 Firmware
Westerndigital My Cloud Pr2100 Firmware
Westerndigital My Cloud Pr4100 Firmware
1 Github repository
668
VMScore
CVE-2022-22997
Addressed a remote code execution vulnerability by resolving a command injection vulnerability and closing an AWS S3 bucket that potentially allowed an malicious user to execute unsigned code on My Cloud Home devices.
Westerndigital My Cloud Home Duo Firmware
Westerndigital My Cloud Home Firmware
668
VMScore
CVE-2022-22995
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code.
Westerndigital My Cloud Pr2100 Firmware
Westerndigital My Cloud Pr4100 Firmware
Westerndigital My Cloud Ex4100 Firmware
Westerndigital My Cloud Ex2 Ultra Firmware
Westerndigital My Cloud Mirror Gen 2 Firmware
Westerndigital My Cloud Dl2100 Firmware
Westerndigital My Cloud Dl4100 Firmware
Westerndigital My Cloud Ex2100 Firmware
Westerndigital My Cloud Firmware
Westerndigital Wd Cloud Firmware
Westerndigital My Cloud Home Firmware
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Netatalk Netatalk
668
VMScore
CVE-2020-12830
Addressed multiple stack buffer overflow vulnerabilities that could allow an malicious user to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices prior to 5.04.114.
Westerndigital My Cloud Firmware
668
VMScore
CVE-2020-27160
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices before 5.04.114 (issue 3 of 3).
Westerndigital My Cloud Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »