Vulnerabilities > Westerndigital > MY Cloud OS > 5.26.202

DATE CVE VULNERABILITY TITLE RISK
2023-06-30 CVE-2023-22815 Command Injection vulnerability in Westerndigital MY Cloud OS
Post-authentication remote command injection vulnerability in Western Digital My Cloud OS 5 devices that could allow an attacker to execute code in the context of the root user on vulnerable CGI files.
network
low complexity
westerndigital CWE-77
6.7
6.7
2023-06-30 CVE-2023-22816 Command Injection vulnerability in Westerndigital MY Cloud OS
A post-authentication remote command injection vulnerability in a CGI file in Western Digital My Cloud OS 5 devices that could allow an attacker to build files with redirects and execute larger payloads. This issue affects My Cloud OS 5 devices: before 5.26.300.
network
low complexity
westerndigital CWE-77
8.8
8.8