Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171 for remote authentication bypass within a product that uses My Cloud.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Western Digital WD My Cloud 授权问题漏洞
Vulnerability Description
Western Digital WD My Cloud是美国西部数据(Western Digital)公司的一款个人网络云存储设备。 Western Digital WD My Cloud 04.05.00-320版本中存在授权问题漏洞。远程攻击者可通过列出目录利用该漏洞绕过身份验证。
CVSS Information
N/A
Vulnerability Type
N/A