Martin's selection of few interesting IT Security, Privacy, and free tools from the Net: Are you using WD MyCloud device? - It might have a few free features (I mean vulnerabilities)

Friday, January 5, 2018

Are you using WD MyCloud device? - It might have a few free features (I mean vulnerabilities)

A secret hard-coded backdoor that could allow remote attackers to gain unrestricted root access to the device.
Cross-site request forgery
Command injection
Denial of Service
Information disclosure

Noteworthy, James Bercegay of GulfTech contacted the vendor and reported the issues in June last year. The vendor confirmed the vulnerabilities and requested a period of 90 days until full disclosure.

On 3rd January (that's almost after 180 days), GulfTech publicly disclosed the details of the vulnerabilities, which are still unpatched

For More
https://thehackernews.com/2018/01/western-digital-mycloud.html

Martin's selection of few interesting IT Security, Privacy, and free tools from the Net

Friday, January 5, 2018

Are you using WD MyCloud device? - It might have a few free features (I mean vulnerabilities)

No comments:

Post a Comment

Popular Posts

Categories

Blog Archive