漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products
Vulnerability Description
Server-side request forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed by fixing DNS addresses that refer to loopback. This issue affects My Cloud OS 5 devices before 5.27.161, My Cloud Home, My Cloud Home Duo and SanDisk ibi devices before 9.5.1-104.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
My Cloud 多款产品代码问题漏洞
Vulnerability Description
Western Digital My Cloud等都是美国西部数据(Western Digital)公司的产品。Western Digital My Cloud是一款个人云存储设备。Western Digital My Cloud Home是一款易于使用的个人云存储设备。Western Digital My Cloud Home Duo是一款易于使用的云存储设备。SanDisk ibi等都是美国闪迪(SanDisk)公司的产品。SanDisk ibi是一个智能照片管理器和媒体存储硬盘。 My Cloud
CVSS Information
N/A
Vulnerability Type
N/A