Home

Mar 8, 2017

Your WD networked drive is vulnerable to remote attacks


The My Cloud line has some conspicuous security holes.

Category:IT 

If you have one of Western Digital's My Cloud nstorage drives, you might be particularly vulnerable to internet attacks. Exploitee.rs has discovered a number of unpatched security flaws in most My Cloud models that let remote intruders bypass the login, insert their own commands and upload files without permission. In numerous cases, it's a matter of poorly implemented scripts. Also, every command exectued through the web interface has full access to the operating system -- an attacker would have the keys to the kingdom.
The kicker? WD did fix one login bypass flaw through a firmware update, but it introduced another in the process.

We've asked WD for its take on the situation and will let you know if it has a response. However, the Exploitee.rs team says it's revealing these pre-patch bugs to the public because of WD's "reputation within the community." Supposedly, the company doesn't pay attention to the seriousness of security flaws -- this open disclosure is a way of pressuring WD into action. True or not, you may not want to allow internet access to your My Cloud gear unless it's absolutely necessary.

authorarticle: Master3395

image: 

keywords: cloud, storage, MyCloud, vulnability

Previous Article
Next Article
Discord

Page 1 of 489  >  >>

This has never happened before with mac

it.jpeg

Feb 16, 2020 | Category: IT | Comments

More malware threats on Mac than Windows.

read more…

Android users get a whole new emoji feature

emoji.jpeg

Feb 15, 2020 | Category: Google | Comments

Putting them together in new combinations. How to activate.

read more…

Collecting update in Windows 10 hides user data and loads incorrect profile

windows.jpeg

Feb 14, 2020 | Category: Microsoft | Comments

We have seen more stable versions than KB4532693.

read more…

Page 1 of 489  >  >>