Western Digital My Cloud CVE-2018-17153 Authentication Bypass Vulnerability



Western Digital My Cloud is prone to a authentication-bypass vulnerability.

An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks.

Information

Bugtraq ID: 105359
Class: Access Validation Error
CVE: CVE-2018-17153

Remote: Yes
Local: Yes
Published: Sep 19 2018 12:00AM
Updated: Sep 19 2018 12:00AM
Credit: Exploitee.rs, Infosec shop Securify
Vulnerable: Western Digital My Cloud WDBCTL0020HWT 2.30.172
Western Digital My Cloud PR4100 0
Western Digital My Cloud PR2100 0
Western Digital My Cloud Mirror Gen 2 0
Western Digital My Cloud Mirror 0
Western Digital My Cloud EX4100 0
Western Digital My Cloud EX4 0
Western Digital My Cloud EX2100 0
Western Digital My Cloud EX2 Ultra 0
Western Digital My Cloud EX2 0
Western Digital My Cloud DL4100 0
Western Digital My Cloud DL2100 0


Not Vulnerable:

Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


Related Posts