Skip to main content

My Cloud Mirror G2 Firmware

2 CVEs product

Monthly

CVE-2022-23000 HIGH This Week

The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure My Cloud Pr2100 Firmware My Cloud Pr4100 Firmware My Cloud Ex4100 Firmware My Cloud Ex2 Ultra Firmware +5
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-22999 MEDIUM This Month

Western Digital My Cloud devices are vulnerable to a cross side scripting vulnerability that can allow a malicious user with elevated privileges access to drives being backed up to construct and. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS My Cloud Pr2100 Firmware My Cloud Pr4100 Firmware My Cloud Ex4100 Firmware My Cloud Ex2 Ultra Firmware +4
NVD
CVSS 3.1
4.8
EPSS
0.3%
EPSS 0% CVSS 7.8
HIGH This Week

The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure My Cloud Pr2100 Firmware My Cloud Pr4100 Firmware +7
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Western Digital My Cloud devices are vulnerable to a cross side scripting vulnerability that can allow a malicious user with elevated privileges access to drives being backed up to construct and. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS My Cloud Pr2100 Firmware My Cloud Pr4100 Firmware +6
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy