Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-27160 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3). | |||||
CVE-2020-27159 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114 | |||||
CVE-2020-27158 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114. | |||||
CVE-2020-25765 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140. | |||||
CVE-2020-12830 | 1 Westerndigital | 6 My Cloud Ex4100, My Cloud Expert Series Ex2, My Cloud Firmware and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114. |