|Category:||Web application abuses|
|Title:||Western Digital My Cloud Unauthenticated File Upload Vulnerability (Active Check)|
|Summary:||Western Digital My Cloud is prone to an unauthenticatedfile upload vulnerability.|
Western Digital My Cloud is prone to an unauthenticatedfile upload vulnerability.
The page web/jquery/uploader/uploadify.php can be accesses without any credentials
and allows uploading arbitrary files to any location on the attached storage under either:
Successful exploit allows an attacker to execute arbitrary commands with
root privileges in context of the affected application.
The vendor has released firmware updates. Please see the reference for
more details and downloads.
Common Vulnerability Exposure (CVE) ID: CVE-2019-9951|
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.