Search 187964 CVE descriptions
and 85075 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Web application abuses
Title:Western Digital My Cloud Multiple Products < 2.21.111 Multiple Vulnerabilities
Summary:Multiple Western Digital My Cloud products are prone to multiple vulnerabilities.
Multiple Western Digital My Cloud products are prone to multiple vulnerabilities.

Vulnerability Insight:
The following issues have been addressed:

- Resolved multiple security vulnerabilities in image decoder (CVE-2016-3714)

- Resolved Twonky Security Vulnerability (CVE-2015-6505). Failure to verify HTTP parameter allows writing
of arbitrary files on host running TwonkyServer.

- Resolved GHOST Security Vulnerability (CVE-2015-0235)

Affected Software/OS:
Western Digital My Cloud with firmware versions prior to 2.21.111.

Update to firmware version 2.21.111 or later.

Note: Some My Cloud products are already end-of-life and doesn't receive any updates anymore.

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-3714
BugTraq ID: 89848
Bugtraq: 20160513 May 2016 - HipChat Server - Critical Security Advisory (Google Search)
CERT/CC vulnerability note: VU#250519
Debian Security Information: DSA-3580 (Google Search)
Debian Security Information: DSA-3746 (Google Search)
RedHat Security Advisories: RHSA-2016:0726
SuSE Security Announcement: SUSE-SU-2016:1260 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1275 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1301 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1261 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1266 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1326 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-6505
Common Vulnerability Exposure (CVE) ID: CVE-2015-0235
BugTraq ID: 72325
BugTraq ID: 91787
Bugtraq: 20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235) (Google Search)
Bugtraq: 20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow (Google Search)
Bugtraq: 20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235 (Google Search)
Bugtraq: 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series (Google Search)
Cisco Security Advisory: 20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability
Debian Security Information: DSA-3142 (Google Search)
HPdes Security Advisory: HPSBGN03247
HPdes Security Advisory: HPSBGN03270
HPdes Security Advisory: HPSBGN03285
HPdes Security Advisory: HPSBHF03289
HPdes Security Advisory: HPSBMU03330
HPdes Security Advisory: SSRT101937
HPdes Security Advisory: SSRT101953
RedHat Security Advisories: RHSA-2015:0126
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2020 E-Soft Inc. All rights reserved.