Vulnerabilities > Westerndigital > MY Cloud Dl4100 Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-12	CVE-2022-36331	Authentication Bypass by Spoofing vulnerability in Westerndigital products Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data. This issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102. network low complexity westerndigital CWE-290	7.5
2022-07-25	CVE-2022-23000	Unspecified vulnerability in Westerndigital products The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. local low complexity westerndigital	7.8
2019-05-23	CVE-2019-9949	Link Following vulnerability in Westerndigital products Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100 and PR4100 before firmware 2.31.183 are affected by a code execution (as root, starting from a low-privilege user session) vulnerability. network low complexity westerndigital CWE-59	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.