Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-22817
HistoryFeb 05, 2024 - 10:15 p.m.

Server side request forgery (ssrf)

2024-02-0522:15:00
PRIOn knowledge base
www.prio-n.com
5
server-side request forgery
vulnerability
my cloud os 5
my cloud home
sandisk ibi
dns addresses
loopback adapter
security issue

7.4 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.4%

JSON

Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressedΒ by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.

Related

cve 1
zdi 1
cvelist 1
nvd 1
openvas 1
cve
cve
CVE-2023-22817
2024-02-05 22:15:54
zdi
zdi
(Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Server-Side Request Forgery Vulnerability
2024-02-06 00:00:00
cvelist
cvelist
CVE-2023-22817 Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products
2024-02-05 21:26:42
nvd
nvd
CVE-2023-22817
2024-02-05 22:15:54
openvas
openvas
Western Digital My Cloud Multiple Products 5.x < 5.27.161 Multiple Vulnerabilities (WDC-24001)
2024-01-23 00:00:00

7.4 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.4%

JSON
Related for PRION:CVE-2023-22817
cve1zdi1cvelist1nvd1openvas1