Note:
This project will be discontinued after December 13, 2021. [more]
Product:
My_cloud_home
(Westerndigital)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-05-08 | CVE-2023-22813 | A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a permissive CORS policy and missing authentication requirement for private IPs, a remote attacker on the same network as the device could obtain device information by convincing a victim user to visit an... | My_cloud, My_cloud_home, My_cloud_os_5, Sandisk_ibi | 4.3 | ||
| 2020-04-15 | CVE-2020-10951 | Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. | Ibi, My_cloud_home | 4.7 |