Vulnerabilities > CVE-2019-18929 - Out-of-bounds Write vulnerability in Western Digital MY Cloud EX2 Ultra Firmware 2.31.195

047910
CVSS 9.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
western-digital
CWE-787
critical
NVD
Published: 2019-11-13
Updated: 2019-11-15

Summary

Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrary code via a download_mgr.cgi stack-based buffer overflow.

Vulnerable Configurations

Part Description Count
OS
Western_Digital
1
Hardware
Western_Digital
1

Common Weakness Enumeration (CWE)

References