Western Digital · Western Digital My Cloud · CVE-2018-17153
**Name of the Vulnerable Software and Affected Versions**
Western Digital My Cloud versions prior to 2.30.196
**Description**
The issue allows an unauthenticated attacker to bypass authentication and gain full control of the device by exploiting a vulnerability in the authentication mechanism. Specifically, the `network_mgr.cgi` CGI module contains a command called `cgi_get_ipv6` that can start an admin session tied to the user's IP address if a certain parameter is provided. This enables an attacker to invoke commands that normally require admin privileges without needing to provide a password. The bypass relies on the way server-side sessions are created and bound to a user's IP address when an admin logs in.
**Recommendations**
For versions prior to 2.30.196, update to version 2.30.196 or later to resolve the issue. As a temporary workaround, consider restricting access to the `network_mgr.cgi` CGI module to minimize the risk of exploitation. Avoid using the `cgi_get_ipv6` command with the `flag` parameter set to `1` until the issue is resolved.
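
A defender-side check for the behaviour described above, as an added example that is not part of the original advisory or the vendor's code: it scans web-server access-log lines for requests to `network_mgr.cgi` that carry `cgi_get_ipv6` with `flag=1`. The combined log format, the `/cgi-bin/` path and the `cmd` parameter name in the sample lines are assumptions; the detector does not depend on the parameter name.

```python
import re
from urllib.parse import urlsplit, parse_qsl

MODULE = "network_mgr.cgi"      # CGI module named in the advisory
COMMAND = "cgi_get_ipv6"        # command named in the advisory
# Combined-log-format prefix (assumed): client IP, then the quoted request line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*"')

def classify(line):
    """Return (client_ip, verdict) for a log line, or None if not relevant.

    verdict is "bypass-attempt" when the URL carries the command with flag=1,
    and "review" for any other request to the module (for example a POST,
    whose body never reaches the access log).
    """
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, _method, target = m.groups()
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/" + MODULE):
        return None
    # parse_qsl percent-decodes, so encoded spellings are normalised here.
    params = parse_qsl(parts.query, keep_blank_values=True)
    values = {v.strip().lower() for _k, v in params}
    flag_set = any(k.strip().lower() == "flag" and v.strip() == "1"
                   for k, v in params)
    if COMMAND in values and flag_set:
        return ip, "bypass-attempt"
    return ip, "review"

def scan(lines):
    """Classify every line and keep only those that touch the module."""
    return [r for r in map(classify, lines) if r]

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '198.51.100.7 - - [01/Oct/2018:10:00:00 +0000] "GET /cgi-bin/network_mgr.cgi?cmd=cgi_get_ipv6&flag=1 HTTP/1.1" 200 51',
    '198.51.100.7 - - [01/Oct/2018:10:00:02 +0000] "GET /cgi-bin/network_mgr.cgi?flag=1&cmd=cgi_get_ipv6 HTTP/1.1" 200 51',
    '203.0.113.9 - - [01/Oct/2018:10:01:00 +0000] "POST /cgi-bin/network_mgr.cgi HTTP/1.1" 200 51',
    '192.0.2.4 - - [01/Oct/2018:10:02:00 +0000] "GET /index.html HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, verdict in scan(SAMPLE):
        print(ip, verdict)
```

On a device that should only be administered from known hosts, any "review" hit from another source address is worth correlating with later admin-only requests from the same IP, since the session is bound to the client address.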