PT-2019-15723 · Western Digital · Western Digital My Cloud Ex2 Ultra
Jaeyoung Jeong
+1
·
Published
2019-11-13
·
Updated
2019-11-15
·
CVE-2019-18931
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Western Digital My Cloud EX2 Ultra firmware version 2.31.195
Description
The issue allows for a Buffer Overflow with Extended Instruction Pointer (EIP) control. This can be achieved via crafted GET/POST parameters.
Recommendations
For Western Digital My Cloud EX2 Ultra firmware version 2.31.195, update to a newer version that contains a fix for this issue.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Western Digital My Cloud Ex2 Ultra