SEC Consult SA-20170307-0 :: Unauthenticated OS command injection & arbitrary file upload in Western Digital WD My Cloud

Posted by SEC Consult Vulnerability Lab on Mar 07

SEC Consult Vulnerability Lab Security Advisory < 20170307-0 >
=======================================================================
title: Unauthenticated OS command injection & arbitrary file upload
product: Western Digital My Cloud
vulnerable version: at least: 2.21.126 (My Cloud), 2.11.157(My Cloud EX2),
2.21.126 (My Cloud EX2 Ultra), 2.11.157 (My Cloud EX4),…

Leave a Reply