20 matches found
EUVD-2020-19683
Malware in sbrugna...
EUVD-2020-19684
Malware in sbrugna...
CVE-2020-29563
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device...
CVE-2020-27158
Addressed remote code execution vulnerability in cgiapi.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114...
Western Digital My Cloud NAS Remote Code Execution Multiple Vulnerabilities (CVE-2020-25765; CVE-2020-27158; CVE-2020-27159; CVE-2020-27160; CVE-2020-27744)
A remote code execution vulnerability exists in Western Digital My Cloud NAS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-27744
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges...
CVE-2020-27744
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges...
Remote code execution
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges...
CVE-2020-27160
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 issue 3 of 3...
CVE-2020-27158
Addressed remote code execution vulnerability in cgiapi.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114...
CVE-2020-27159
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114...
CVE-2020-27160
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 issue 3 of 3...
Remote code execution
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114...
CVE-2020-27158
Addressed remote code execution vulnerability in cgiapi.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114...
CVE-2020-27160
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 issue 3 of 3...
CVE-2020-27159
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114...
CVE-2020-27160
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 issue 3 of 3...
Western Digital My Cloud NAS Device Hardcoded Backdoor Vulnerability
The Western Digital MyCloud NAS is a network attached storage device. A hard-coded backdoor vulnerability exists in the Western Digital My Cloud NAS device, where an administrator username and password cannot be changed because they are hard-coded into a binary file, allowing an arbitrary user to...
Western Digital My Cloud NAS Appliance Denial of Service Vulnerability
The Western Digital MyCloud NAS is a network attached storage device. A denial of service vulnerability exists in the Western Digital My Cloud NAS device, which can be exploited by an attacker to conduct denial of service attacks because any unauthenticated user can set global language preference...
Western Digital My Cloud NAS Device Cross-Site Request Forgery Vulnerability
The Western Digital MyCloud NAS is a network attached storage device. A cross-site request forgery vulnerability exists in the Western Digital My Cloud NAS device due to the lack of XSRF protection in the WD My Cloud web interface, which allows an attacker to connect a victim's web browser to the...