Westerndigital My_cloud_os_5
8 CVEs affecting Westerndigital My_cloud_os_5. Latest disclosed: 2023-05-18. Critical: 4, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-29563 | Critical | 9.8 | 2020-12-12 | An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticate… |
CVE-2020-28971 | Critical | 9.8 | 2020-12-01 | An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticate… |
CVE-2020-28970 | Critical | 9.8 | 2020-12-01 | An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticate… |
CVE-2020-28940 | Critical | 9.8 | 2020-12-01 | On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticate… |
CVE-2022-36328 | Medium | 5.8 | 2023-05-18 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to create arbitrary shares on arbitra… |
CVE-2022-36327 | Medium | 5.8 | 2023-05-18 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to write files to locations with cert… |
CVE-2022-36326 | Medium | 4.4 | 2023-05-18 | An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large amount of memory, eventua… |
CVE-2023-22813 | Low | 3.3 | 2023-05-08 | A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile A… |