Vulnerabilities > Westerndigital > MY Cloud Mirror G2 Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2022-29844 | Path Traversal vulnerability in Westerndigital products A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write arbitrary files. | 9.8 |
| 2023-01-26 | CVE-2022-29843 | OS Command Injection vulnerability in Westerndigital products A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to execute code in the context of the root user. | 9.8 |