Nomanriffat

**Name of the Vulnerable Software and Affected Versions** Western Digital WD My Book World through II version 1.02.12 **Description** The issue allows an attacker to access the "/admin/" directory without credentials. An attacker can enable SSH from "/admin/system advanced.php?lang=en" and login with the default root password `welc0me`. **Recommendations** For Western Digital WD My Book World through II version 1.02.12, as a temporary workaround, consider disabling access to the "/admin/" directory and changing the default root password `welc0me` to prevent unauthorized access. Restrict access to the `/admin/system advanced.php` endpoint to minimize the risk of exploitation.