CVE-2015-7709

The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass authentication and execute arbitrary commands via a series of crafted requests involving the ARKFSEXECCMD operation...

CVE-2015-7709

CVE-2015-7709 affects the arkeiad daemon in Western Digital Arkeia 11.0.12 and earlier. The vulnerability allows remote attackers to bypass authentication and execute arbitrary commands via crafted ARKFS_EXEC_CMD requests, resulting in remote code execution. Connected advisories corroborate the i...

Western Digital Arkeia Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Western Digital Arkeia Remote Code Execution', 'Description' = %q This module exploits a code execution flaw in Western Digital Arke...

Western Digital Arkeia 11.0.12 Remote Code Execution Exploit

This Metasploit module exploits a code execution flaw in Western Digital Arkeia version 11.0.12 and below. The vulnerability exists in the 'arkeiad' daemon listening on TCP port 617. Because there are insufficient checks on the authentication of all clients, this can be bypassed. Using the...

Western Digital Arkeia 11.0.13 Remote Code Execution

Advisory Information Title: Western Digital Arkeia "ARKFSEXECCMD" Date published: 2015-07-10 Vendors contacted: Western Digital / Arkeia Class: OS Command Injection CWE-78 Impact: Code execution Remotely Exploitable: Yes Product Description The WD Arkeia network backup suite comprises WD Arkeia...

Western Digital Arkeia Remote Code Execution

This module exploits a code execution flaw in Western Digital Arkeia version 11.0.12 and below. The vulnerability exists in the 'arkeiad' daemon listening on TCP port 617. Because there are insufficient checks on the authentication of all clients, this can be bypassed. Using the ARKFSEXECCMD...