Western Digital My Cloud devices before OS5 have a nobody account with a blank password.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HWesterndigital My Cloud Os
OSWesterndigital< 5.02.104Westerndigital My Cloud Pr4100
HWWesterndigitalwszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje
Powiązane podatności
CVE-2023-22814CRITICAL10.0ten sam produkt
An authentication bypass issue via spoofing was discovered in the token-based authentication mechanism that co...
CVE-2022-36331CRITICAL10.0ten sam produkt
Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impe...
CVE-2022-29842CRITICAL9.8ten sam produkt
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability that could a...
CVE-2021-36226CRITICAL9.8ten sam produkt
Western Digital My Cloud devices before OS5 do not use cryptographically signed Firmware upgrade files.
CVE-2022-22995CRITICAL10.0ten sam produkt
The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writi...