Vulnerabilities > Westerndigital > MY Cloud Mirror G2 Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-12	CVE-2022-36331	Authentication Bypass by Spoofing vulnerability in Westerndigital products Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data. This issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102. network low complexity westerndigital CWE-290	7.5
2022-07-25	CVE-2022-23000	Unspecified vulnerability in Westerndigital products The Western Digital My Cloud Web App [https://os5.mycloud.com/] uses a weak SSLContext when attempting to configure port forwarding rules. local low complexity westerndigital	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.