Western.Digital.MyCloud.Multiple.Remote.Command.Execution

description-logoDescription

This indicates an attack attempt against a remote Code Execution vulnerability in MyCloud Devices.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.

affected-products-logoAffected Products

My Cloud
My Cloud Gen 2
My Cloud Mirror
My Cloud PR2100
My Cloud PR4100
My Cloud EX2 Ultra
My Cloud EX2
My Cloud EX4
My Cloud EX2100
My Cloud EX4100
My Cloud DL2100
My Cloud DL4100

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://support.wdc.com/downloads.aspx?g=911&lang=en#firmware

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)