Vulnerabilities > Westerndigital > WD Discovery > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-19 CVE-2022-29835 Inadequate Encryption Strength vulnerability in Westerndigital WD Discovery 4.0.251.0
WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm.
network
low complexity
westerndigital CWE-326
5.3
5.3
2020-07-17 CVE-2020-15816 Injection vulnerability in Westerndigital WD Discovery
In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.
network
low complexity
westerndigital CWE-74
6.5
6.5
2020-05-13 CVE-2020-12427 Cross-Site Request Forgery (CSRF) vulnerability in Westerndigital WD Discovery 2.12.127
The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space. 		6.8
6.8