Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:54 a.m.7 views

CVE-2022-23006

A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file. This vulnerability can only be exploited by chaining it with another...

6.7CVSS8AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39047

Malicious code in bioql PyPI...

10CVSS7.5AI score0.00591EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-39043

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.01466EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:46 a.m.10 views

CVE-2023-22819

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi a...

4.9CVSS6.7AI score0.00822EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:11 a.m.8 views

CVE-2022-36330

A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their...

8.1CVSS8.4AI score0.00557EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:52 a.m.8 views

CVE-2022-36329

An improper privilege management issue that could allow an attacker to cause a denial of service over the OTA mechanism was discovered in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices.This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before...

7.5CVSS6.9AI score0.00296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:11 p.m.16 views

CVE-2022-36327

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk i...

9.8CVSS8.2AI score0.01466EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/12 5:57 p.m.13 views

CVE-2022-36331 Impersonation attack causing an Authentication Bypass on Western Digital devices

Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data. This issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo:...

10CVSS9.7AI score0.00591EPSS
Exploits0References1
OSV
OSV
added 2023/05/18 6:15 p.m.5 views

CVE-2022-36327

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk i...

9.8CVSS6.3AI score0.01466EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/18 5:55 p.m.10 views

CVE-2022-36328 Path Traversal Vulnerability leading to an arbitrary file read in Western Digital devices

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could allow an attacker to create arbitrary shares on arbitrary directories and exfiltrate sensitive files, passwords, users and device configurations was discovered in Western Digital My Cloud Home, M...

5.8CVSS7.3AI score0.00767EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/18 5:54 p.m.14 views

CVE-2022-36327 Path traversal vulnerability leading to an arbitrary file write in Western Digital devices

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk i...

5.8CVSS10AI score0.01466EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/18 5:53 p.m.11 views

CVE-2022-36326 Resource Exhaustion Vulnerability in Western Digital devices

An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi a...

4.4CVSS5.1AI score0.00572EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/01 12:0 a.m.4 views

CVE-2022-29837 Path traversal Vulnerability in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi Devices

A path traversal vulnerability was addressed in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi which could allow an attacker to initiate installation of custom ZIP packages and overwrite system files. This could potentially lead to a code execution...

4.7CVSS7.4AI score0.0019EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/09 12:0 a.m.10 views

CVE-2022-29836 Post-Auth Path Traversal Vulnerability Allows to Custom Package Installation via HTTP API

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability was discovered via an HTTP API on Western Digital My Cloud Home; My Cloud Home Duo; and SanDisk ibi devices that could allow an attacker to abuse certain parameters to point to random locations on the file...

1.9CVSS4.6AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2021/12/26 1:15 a.m.4 views

CVE-2021-45608

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Remote code execution from the WAN interface TCP port 20005 cannot be ruled out; however, exploitability was judged to be of "rather significant...

9.8CVSS7.9AI score0.02513EPSS
Exploits1References2
OSV
OSV
added 2020/03/10 1:15 p.m.5 views

CVE-2019-10706

Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to othe...

6.3CVSS6.5AI score0.00284EPSS
Exploits0References3
Rows per page
Query Builder