First published: Tue Oct 27 2020(Updated: )
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Westerndigital My Cloud Firmware | <5.04.114 | |
Westerndigital My Cloud Ex4100 | ||
Westerndigital My Cloud Expert Series Ex2 | ||
Westerndigital My Cloud Mirror - Gen 2 | ||
Westerndigital My Cloud Pr2100 | ||
Westerndigital My Cloud Pr4100 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-27160.
The severity level of CVE-2020-27160 is critical.
The Western Digital My Cloud NAS devices prior to version 5.04.114 are affected by CVE-2020-27160.
To fix CVE-2020-27160, update your Western Digital My Cloud NAS device to version 5.04.114 or later.
No, the Western Digital My Cloud Expert Series Ex2 and My Cloud Mirror - Gen 2 devices are not vulnerable to CVE-2020-27160.