Vulnerabilities > Westerndigital > MY Cloud Home Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-18 | CVE-2022-36327 | Path Traversal vulnerability in Westerndigital products Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could allow an attacker to write files to locations with certain critical filesystem types leading to remote code execution was discovered in Western Digital My Cloud Home, My Cloud Home Duo, SanDisk ibi and Western Digital My Cloud OS 5 devices. | 9.8 |
| 2022-03-25 | CVE-2022-22995 | Link Following vulnerability in multiple products The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. | 9.8 |