CVE-2020-12427: CSRF
First published: Wed May 13 2020(Updated: )
The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Westerndigital Wd Discovery | <3.8.229 | |
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-12427?
CVE-2020-12427 is a vulnerability in the Western Digital WD Discovery application for MyCloud Home on Windows and macOS, allowing for CSRF attacks with various impacts.
What are the impacts of CVE-2020-12427?
The impacts of CVE-2020-12427 include stealing data, modifying disk contents, and exhausting disk space.
How does CVE-2020-12427 affect Western Digital WD Discovery application?
CVE-2020-12427 affects the Western Digital WD Discovery application by enabling CSRF attacks.
How can I check if I am affected by CVE-2020-12427?
You are affected by CVE-2020-12427 if you are using the Western Digital WD Discovery application before version 3.8.229 on MyCloud Home.
How can I fix CVE-2020-12427?
To fix CVE-2020-12427, update the Western Digital WD Discovery application to version 3.8.229 or later.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- vendor/westerndigital
- canonical/westerndigital wd discovery
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows