A post-authentication remote command injection...
High severity
Unreviewed
Published
Jul 1, 2023
to the GitHub Advisory Database
•
Updated Sep 6, 2024
Description
Published by the National Vulnerability Database
Jun 30, 2023
Published to the GitHub Advisory Database
Jul 1, 2023
Last updated
Sep 6, 2024
A post-authentication remote command injection vulnerability in a CGI file in Western Digital My Cloud OS 5 devices that could allow an attacker to build files with redirects and execute larger payloads.
This issue affects My Cloud OS 5 devices: before 5.26.300.
References