Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability on Western Digital My Cloud devices.
Vulnerability Description
A remote code execution vulnerability was discovered on Western Digital My Cloud devices where an attacker could trick a NAS device into loading through an unsecured HTTP call. This was a result insufficient verification of calls to the device. The vulnerability was addressed by disabling checks for internet connectivity using HTTP.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对数据真实性的验证不充分
Vulnerability Title
Western Digital My Cloud 数据伪造问题漏洞
Vulnerability Description
Western Digital My Cloud是美国西部数据(Western Digital)公司的一款个人云存储设备。 Western Digital My Cloud 存在安全漏洞,攻击者可以通过不安全的 HTTP 调用诱骗 NAS 设备进行加载。这是对设备调用验证不足的结果。
CVSS Information
N/A
Vulnerability Type
N/A