5 matches found
CVE-2022-22992
A command injection remote code execution vulnerability was discovered on Western Digital My Cloud Devices that could allow an attacker to execute arbitrary system commands on the device. The vulnerability was addressed by escaping individual arguments to shell functions coming from user input...
Design/Logic Flaw
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...
CVE-2022-22992
creationtimestamp| type| source ---|---|--- 2022-01-28 22:22:14+00:00| seen| https://t.me/cibsecurity/36489...
CVE-2022-22992 Command Injection Remote Code Execution vulnerability on Western Digital My Cloud devices.
A command injection remote code execution vulnerability was discovered on Western Digital My Cloud Devices that could allow an attacker to execute arbitrary system commands on the device. The vulnerability was addressed by escaping individual arguments to shell functions coming from user input...
CVE-2022-22992
CVE-2022-22992 describes a command-injection remote code execution on Western Digital My Cloud devices. The vulnerability arises from improper handling of user-provided input that is used in shell calls, with the fix noted as escaping individual arguments to shell functions. Reported impacts incl...