Skip to main content

Mycloud Nas

2 CVEs product

Monthly

CVE-2016-10108 CRITICAL POC THREAT Emergency

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 91.8%.

Command Injection PHP Mycloud Nas
NVD
CVSS 3.0
9.8
EPSS
91.8%
Threat
6.2
CVE-2016-10107 CRITICAL POC THREAT Emergency

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.4%.

Command Injection PHP Mycloud Nas
NVD
CVSS 3.0
9.8
EPSS
11.4%
EPSS 92% 6.2 CVSS 9.8
CRITICAL POC THREAT Emergency

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 91.8%.

Command Injection PHP Mycloud Nas
NVD
EPSS 11% CVSS 9.8
CRITICAL POC THREAT Emergency

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 11.4%.

Command Injection PHP Mycloud Nas
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy