CVE-2019-9951 Information

Description

Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an unauthenticated file upload vulnerability. The page web/jquery/uploader/uploadify.php can be accessed without any credentials and allows uploading arbitrary files to any location on the attached storage.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://bnbdr.github.io/posts/wd/

https://community.wd.com/t/new-release-my-cloud-firmware-versions-2-31-174-3-26-19/235932

https://github.com/bnbdr/wd-rce/

https://support.wdc.com/downloads.aspx?g=2702&lang=en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

9.8

Base Severity

CRITICAL
