W1Th0Ut

**Name of the Vulnerable Software and Affected Versions** Western Digital My Cloud versions prior to 5.31.108 **Description** An OS command injection flaw exists in the user interface of the firmware. This issue allows remote attackers to execute arbitrary system commands by sending a specially crafted HTTP POST request. Approximately 166,900 devices are potentially affected worldwide. **Recommendations** Update to version 5.31.108.