Filtered by vendor Westerndigital
Subscribe
Total
74 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-8960 | 1 Westerndigital | 1 Mycloud.com | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS. | |||||
CVE-2019-13466 | 2 Sandisk, Westerndigital | 2 Ssd Dashboard, Ssd Dashboard | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard before 2.5.1.0 have Incorrect Access Control. The “generate reports” archive is protected with a hard-coded password. An application update that addresses the protection of archive encryption is available. | |||||
CVE-2019-10705 | 1 Westerndigital | 40 Sandisk X600 Sd9sb8w-128g, Sandisk X600 Sd9sb8w-128g Firmware, Sandisk X600 Sd9sb8w-1t00 and 37 more | 2024-02-04 | 4.3 MEDIUM | 7.5 HIGH |
Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials. | |||||
CVE-2019-9950 | 1 Westerndigital | 18 My Cloud, My Cloud Dl2100, My Cloud Dl2100 Firmware and 15 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an authentication bypass vulnerability. The login_mgr.cgi file checks credentials against /etc/shadow. However, the "nobody" account (which can be used to access the control panel API as a low-privilege logged-in user) has a default empty password, allowing an attacker to modify the My Cloud EX2 Ultra web page source code and obtain access to the My Cloud as a non-Admin My Cloud device user. | |||||
CVE-2018-18472 | 1 Westerndigital | 2 My Book Live, My Book Live Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the wild in June 2021 for factory reset commands, | |||||
CVE-2019-16399 | 1 Westerndigital | 2 Wd My Book, Wd My Book Firmware | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me. | |||||
CVE-2019-9949 | 1 Westerndigital | 18 My Cloud, My Cloud Dl2100, My Cloud Dl2100 Firmware and 15 more | 2024-02-04 | 9.0 HIGH | 8.8 HIGH |
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. The cgi-bin/webfile_mgr.cgi file allows arbitrary file write by abusing symlinks. Specifically, this occurs by uploading a tar archive that contains a symbolic link, then uploading another archive that writes a file to the link using the "cgi_untar" command. Other commands might also be susceptible. Code can be executed because the "name" parameter passed to the cgi_unzip command is not sanitized. | |||||
CVE-2018-7928 | 1 Westerndigital | 1 My Cloud | 2024-02-04 | 3.6 LOW | 4.6 MEDIUM |
There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can replace the old account with a new one through special steps by exploit this vulnerability. As a result, the FRP function is bypassed. | |||||
CVE-2018-9148 | 1 Westerndigital | 2 My Cloud, My Cloud Firmware | 2024-02-04 | 5.0 MEDIUM | 9.8 CRITICAL |
Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud. | |||||
CVE-2018-1151 | 1 Westerndigital | 4 Tv Live Hub, Tv Live Hub Firmware, Tv Media Player and 1 more | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
The web server on Western Digital TV Media Player 1.03.07 and TV Live Hub 3.12.13 allow unauthenticated remote attackers to execute arbitrary code or cause denial of service via crafted HTTP requests to toServerValue.cgi. | |||||
CVE-2017-17560 | 1 Westerndigital | 2 My Cloud Pr4100, My Cloud Pr4100 Firmware | 2024-02-04 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root. | |||||
CVE-2014-5876 | 1 Westerndigital | 1 Wd My Cloud | 2024-02-04 | 5.4 MEDIUM | N/A |
The WD My Cloud (aka com.wdc.wd2go) application 4.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
CVE-2014-2846 | 1 Westerndigital | 1 Arkeia Virtual Appliance Firmware | 2024-02-04 | 7.5 HIGH | N/A |
Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute arbitrary PHP code via a ..././ (dot dot dot slash dot slash) in the lang Cookie parameter, as demonstrated by a request to login/doLogin. | |||||
CVE-2013-5006 | 1 Westerndigital | 3 My Net N750, My Net N900, My Net N900c | 2024-02-04 | 4.3 MEDIUM | N/A |
main_internet.php on the Western Digital My Net N600 and N750 with firmware 1.03.12 and 1.04.16, and the N900 and N900C with firmware 1.05.12, 1.06.18, and 1.06.28, allows remote attackers to discover the cleartext administrative password by reading the "var pass=" line within the HTML source code. |