A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to execute code in the context of the root user.
Published January 26, 2023.
Westerndigital My Cloud Pr2100 Firmware
Westerndigital My Cloud Pr4100 Firmware
Westerndigital My Cloud Dl2100 Firmware
Westerndigital My Cloud Ex2100 Firmware
Westerndigital My Cloud Dl4100 Firmware
Westerndigital My Cloud Ex4100 Firmware