6 matches found
Western Digital My Cloud Multiple Products < 2.11.169 / 2.20 - 2.30 < 2.30.181 Unauthorized Upload Vulnerability
Multiple Western Digital My Cloud products are prone to an unauthorized upload vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-late...
Western Digital MyCloud Remote Code Execution (CVE-2017-17560)
A remote code execution vulnerability exists within Western Digital MyCloud servers. This is due to the way the MyCloud servers handle file uploads to specific directories. A successful attack could lead to a remote code execution and stolen information...
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HEAD', :uri = '/web/', :pattern = /Apache/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper def initializeinfo=...
CVE-2017-17560
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multiuploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file...
CVE-2017-17560
CVE-2017-17560 affects Western Digital MyCloud PR4100 devices (2.30.172). The web management component at /web/jquery/uploader/multi_uploadify.php exposes multipart file upload without authentication, enabling an attacker to place arbitrary files anywhere on the device and upload a PHP shell, lea...
CVE-2017-17560
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multiuploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file...