Western Digital · Mycloud App · CVE-2018-7928
Name of the Vulnerable Software and Affected Versions:
MyCloud APP versions prior to 8.1.2.303
Description:
The issue allows for Factory Reset Protection (FRP) bypass in the MyCloud APP. An attacker can exploit this to replace the old account with a new one by following specific steps during the re-configuration of the mobile phone using the FRP function, thus bypassing the FRP function.
Recommendations:
For versions prior to 8.1.2.303, update to version 8.1.2.303 or later to resolve the issue.