Vulnerabilities > Westerndigital > MY Cloud Home > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-08 CVE-2023-22813 Missing Authorization vulnerability in Westerndigital products
A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App.
network
low complexity
westerndigital CWE-862
4.3
2020-04-15 CVE-2020-10951 Improper Restriction of Rendered UI Layers or Frames vulnerability in Westerndigital IBI and MY Cloud Home
Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages.
network
low complexity
westerndigital CWE-1021
4.7