PT-2020-16797 · Western Digital · Western Digital My Cloud

Abdulla Ismayilov

·

Published

2020-10-29

·

Updated

2021-12-06

·

CVE-2020-27744

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Western Digital My Cloud NAS devices versions prior to 5.04.114
Description An issue was discovered that allows remote code execution with resultant escalation of privileges.
Recommendations For versions prior to 5.04.114, update to version 5.04.114 or later to resolve the issue.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2020-27744

Affected Products

Western Digital My Cloud