Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-29844

Published: 26/01/2023 Updated: 01/02/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Westerndigital

Vulnerability Summary

A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions before 5.26.119 allows an malicious user to read and write arbitrary files. This could lead to a full NAS compromise and would give remote execution capabilities to the attacker.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

westerndigital my_cloud_pr2100_firmware

westerndigital my_cloud_pr4100_firmware

westerndigital my_cloud_ex4100_firmware

westerndigital my_cloud_ex2_ultra_firmware

westerndigital my_cloud_mirror_g2_firmware

westerndigital my_cloud_dl2100_firmware

westerndigital my_cloud_dl4100_firmware

westerndigital my_cloud_ex2100_firmware

References

CWE-22https://www.westerndigital.com/en-in/support/product-security/wdc-23002-my-cloud-firmware-version-5-26-119https://nvd.nist.govhttps://www.zerodayinitiative.com/advisories/ZDI-23-112/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525CVE-2024-4652CVE-2024-1438CVE-2024-4671CVE-2024-34351arbitrary CVE-2024-4650SQL injectionoverflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook