Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device's file system. This allows an attacker the ability to upload a PHP shell onto the device and obtain arbitrary code execution as root.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Western Digital MyCloud PR4100 Web管理组件安全漏洞
Vulnerability Description
Western Digital MyCloud PR4100是美国西部数据(Western Digital)公司的一款网络云存储设备。Web administration component是其中的一个Web管理组件。 Western Digital MyCloud PR4100 2.30.172版本中的Web管理组件存在安全漏洞。攻击者可利用该漏洞向设备上传PHP shell,并以root权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A