CVE-2018-9148

Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud.
References
Link Resource
https://exploit-db.com/exploits/44350/ Exploit Third Party Advisory VDB Entry
https://exploit-db.com/exploits/44350/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:westerndigital:my_cloud_firmware:04.05.00-320:*:*:*:*:*:*:*
cpe:2.3:h:westerndigital:my_cloud:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:15

Type Values Removed Values Added
References () https://exploit-db.com/exploits/44350/ - Exploit, Third Party Advisory, VDB Entry () https://exploit-db.com/exploits/44350/ - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2018-03-30 19:29

Updated : 2024-11-21 04:15


NVD link : CVE-2018-9148

Mitre link : CVE-2018-9148

CVE.ORG link : CVE-2018-9148


JSON object : View

Products Affected

westerndigital

  • my_cloud
  • my_cloud_firmware
CWE
CWE-287

Improper Authentication