CVE-2025-30247
- EPSS 1.23%
- Published 29.09.2025 21:15:33
- Last modified 02.10.2025 19:12:42
An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST.
CVE-2024-22170
- EPSS 0.13%
- Published 27.09.2024 17:15:12
- Last modified 30.09.2024 12:45:57
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102.
CVE-2023-22813
- EPSS 0.14%
- Published 08.05.2023 23:15:09
- Last modified 21.11.2024 07:45:28
A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App ...
CVE-2018-7928
- EPSS 0.06%
- Published 09.10.2018 14:29:00
- Last modified 21.11.2024 04:12:58
There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an a...