First published: Fri Dec 11 2020(Updated: )
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Westerndigital My Cloud Os 5 | <5.07.118 | |
Westerndigital My Cloud Ex2 Ultra | ||
Westerndigital My Cloud Ex4100 | ||
Westerndigital My Cloud Mirror Gen 2 | ||
Westerndigital My Cloud Pr2100 | ||
Westerndigital My Cloud Pr4100 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-29563.
The severity of CVE-2020-29563 is critical, with a severity score of 9.8.
CVE-2020-29563 affects Western Digital MyCloud PR4100 with My Cloud OS 5 up to version 5.07.118.
The vulnerability allows remote attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100.
No, authentication is not required to exploit CVE-2020-29563.