Westerndigital My_cloud_dl4100_firmware

10 CVEs affecting Westerndigital My_cloud_dl4100_firmware. Latest disclosed: 2024-02-05. Critical: 3, High: 3.

Top CVEs affecting Westerndigital My_cloud_dl4100_firmware
CVESeverityScorePublishedSummary
CVE-2022-36331Critical10.02023-06-12Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthentica…
CVE-2022-22995Critical10.02022-03-25The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of p…
CVE-2019-9950Critical9.82019-04-24Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My…
CVE-2019-9949High8.82019-05-23Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execu…
CVE-2022-22999High8.22022-07-25Western Digital My Cloud devices are vulnerable to a cross side scripting vulnerability that can allow a malicious user with elevated privileges access to driv…
CVE-2022-23000High7.32022-07-25The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. This was enabled to…
CVE-2022-29844Medium6.72023-01-26A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write ar…
CVE-2022-29843Medium6.22023-01-26A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows…
CVE-2023-22817Medium5.52024-02-05Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back…
CVE-2023-22819Medium4.92024-02-05An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventua…