Western Digital My Cloud Authentication Bypass

Posted by deepcore on September 19, 2018 – 10:35 am

It was discovered that the Western Digital My Cloud is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the My Cloud device. This vulnerability was successfully verified on a Western Digital My Cloud model WDBCTL0020HWT running firmware version 2.30.172. This issue is not limited to the model that was used to find this vulnerability since most of the products in the My Cloud series share the same (vulnerable) code.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [webapps] WordPress Plugin Wechat Broadcast 1.2.0 – Local File Inclusion CA Release Automation NiMi 6.5 Remote Command Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Western Digital My Cloud Authentication Bypass

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL