A limited SSRF vulnerability was discovered on Western Digital My Cloud devices that could allow an attacker to impersonate a server and reach any page on the server by bypassing access controls. The vulnerability was addressed by creating a whitelist for valid parameters.
CPE | Name | Operator | Version |
---|---|---|---|
my_cloud_os | lt | 5.19.117 |