Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
westerndigital ibi vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2020-10951
Western Digital My Cloud Home and ibi devices prior to 2.2.0 allow clickjacking on sign-in pages.
Westerndigital Ibi
Westerndigital My Cloud Home
4.3
CVSSv3
CVE-2023-22813
A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a p...
Westerndigital My Cloud
Westerndigital Sandisk Ibi
Westerndigital My Cloud Home
Westerndigital My Cloud Os 5
7.8
CVSSv3
CVE-2022-29837
A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an malicious user to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution.
Westerndigital My Cloud Home Firmware
Westerndigital My Cloud Home Duo Firmware
Westerndigital Sandisk Ibi Firmware
7.5
CVSSv3
CVE-2022-36329
An improper privilege management issue that could allow an malicious user to cause a denial of service over the OTA mechanism exists in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: prior to 9.4.0-...
Westerndigital My Cloud Home Firmware
Westerndigital My Cloud Home Duo Firmware
Westerndigital Sandisk Ibi Firmware
4.3
CVSSv3
CVE-2022-29836
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists via an HTTP API on Western Digital My Cloud Home; My Cloud Home Duo; and SanDisk ibi devices that could allow an malicious user to abuse certain parameters to point to ra...
Westerndigital My Cloud Home Firmware
Westerndigital My Cloud Home Duo Firmware
Westerndigital Sandisk Ibi Firmware
8.1
CVSSv3
CVE-2022-36330
A buffer overflow vulnerability exists on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise ...
Westerndigital My Cloud Home Duo Firmware
Westerndigital Sandisk Ibi Firmware
Westerndigital My Cloud Home Firmware
6.7
CVSSv3
CVE-2022-23006
A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file. This vulnerability can only be exploited by chaining it...
Westerndigital My Cloud Home Firmware
Westerndigital My Cloud Home Duo Firmware
Westerndigital Sandisk Ibi Firmware
9.8
CVSSv3
CVE-2022-36327
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an malicious user to write files to locations with certain critical filesystem types leading to remote code execution exists in Western Digital My Cloud Home, M...
Westerndigital My Cloud Os 5
Westerndigital My Cloud Home Firmware
Westerndigital Sandisk Ibi Firmware
Westerndigital My Cloud Home Duo Firmware
4.9
CVSSv3
CVE-2022-36328
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an malicious user to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations exists in Weste...
Westerndigital My Cloud Os 5
Westerndigital My Cloud Home Firmware
Westerndigital Sandisk Ibi Firmware
Westerndigital My Cloud Home Duo Firmware
4.9
CVSSv3
CVE-2022-36326
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted exists in Western Digital My Cloud Home, My Cloud Home Duo, SanD...
Westerndigital My Cloud Os 5
Westerndigital My Cloud Home Firmware
Westerndigital Sandisk Ibi Firmware
Westerndigital My Cloud Home Duo Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »