Westerndigital My Cloud Os 5 — known CVE vulnerabilities
Every CVE whose affected-product data names Westerndigital My Cloud Os 5, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2020-28970 — CVSS 9.8 (critical): An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could…
CVE-2020-28971 — CVSS 9.8 (critical): An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could…
CVE-2020-29563 — CVSS 9.8 (critical): An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could…
CVE-2020-28940 — CVSS 9.8 (critical): On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could…
CVE-2022-36328 — CVSS 5.8 (medium): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to create…
CVE-2022-36327 — CVSS 5.8 (medium): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to write files to…
CVE-2022-36326 — CVSS 4.4 (medium): An uncontrolled resource consumption vulnerability issue that could arise by sending crafted requests to a service to consume a large…
CVE-2023-22813 — CVSS 3.3 (low): A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and…