5 matches found
CVE-2019-16399
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/systemadvanced.php?lang=en and login with the default root password welc0me...
Western Digital My Book World II NAS 1.02.12 Hardcoded Credential
Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, National Security Services Group NSSG Vendor Homepage: https://wd.com/ Software Link:...
Western Digital My Book World II NAS 1.02.12 - Authentication Bypass / Command Execution
Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, National Security Services Group NSSG Vendor Homepage: https://wd.com/ Software Link:...
Western Digital My Book World II NAS 1.02.12 - Authentication Bypass Command Execution
Western Digital My Book World II NAS 1.02.12 - Authentication Bypass Command Execution Exploit Title: Western Digital My Book World II NAS = 1.02.12 - Broken Authentication to RCE Google Dork: intitle:"My Book World Edition - MyBookWorld" Date: 19th Sep, 2019 Exploit Author: Noman Riffat, Nationa...
CVE-2019-16399
The CVE affects Western Digital WD My Book World through II devices (firmware 1.02.12 and earlier). The vulnerability stems from Broken Authentication via a hardcoded SSH credential path, enabling an attacker to access the /admin/ directory without credentials and login with the default root pass...