A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions before 5.26.119 allows an malicious user to execute code in the context of the root user.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
westerndigital my_cloud_pr2100_firmware |
||
westerndigital my_cloud_pr4100_firmware |
||
westerndigital my_cloud_ex4100_firmware |
||
westerndigital my_cloud_ex2_ultra_firmware |
||
westerndigital my_cloud_mirror_g2_firmware |
||
westerndigital my_cloud_dl2100_firmware |
||
westerndigital my_cloud_dl4100_firmware |
||
westerndigital my_cloud_ex2100_firmware |
Vulmon