2 matches found
Western Digital My Cloud NAS Remote Code Execution Multiple Vulnerabilities (CVE-2020-25765; CVE-2020-27158; CVE-2020-27159; CVE-2020-27160; CVE-2020-27744)
A remote code execution vulnerability exists in Western Digital My Cloud NAS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-27159
CVE-2020-27159 affects Western Digital My Cloud NAS. The root cause is insufficient sanitization/validation in DsdkProxy.php, enabling remote code execution on affected devices prior to firmware version 5.04.114. The remediation noted in the sources is upgrading to firmware 5.04.114 or later. Exp...