CVE-2022-36327

Name of the Vulnerable Software and Affected Versions Western Digital My Cloud Home versions prior to 9.4.0-191 Western Digital My Cloud Home Duo versions prior to 9.4.0-191 SanDisk ibi versions prior to 9.4.0-191 Western Digital My Cloud OS 5 versions prior to 5.26.202

Description A Path Traversal vulnerability could allow an attacker to write files to locations with certain critical filesystem types, leading to remote code execution. This issue requires an authentication bypass issue to be triggered before it can be exploited.

Recommendations For Western Digital My Cloud Home versions prior to 9.4.0-191, update to version 9.4.0-191 or later. For Western Digital My Cloud Home Duo versions prior to 9.4.0-191, update to version 9.4.0-191 or later. For SanDisk ibi versions prior to 9.4.0-191, update to version 9.4.0-191 or later. For Western Digital My Cloud OS 5 versions prior to 5.26.202, update to version 5.26.202 or later.