CVE-2020-28940: WDC-20009 OS 5 Firmware 5.06.115 | Western Digital
On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device.
My Cloud OS 5 Firmware 5.06.115
WDC Tracking Number: WDC-20009
Published: November 23, 2020
Last Updated: November 23, 2020
Description
My Cloud OS 5 was vulnerable to an authentication bypass vulnerability. My Cloud Firmware 5.06.115 contains updates to resolve this vulnerability and help improve the security of your My Cloud devices.
Product Impact          Minimum Fix Version   Last Updated
My Cloud PR2100         5.06.115              November 19, 2020
My Cloud PR4100         5.06.115              November 19, 2020
My Cloud EX2 Ultra      5.06.115              November 19, 2020
My Cloud EX4100         5.06.115              November 19, 2020
My Cloud Mirror Gen 2   5.06.115              November 19, 2020
For more information on the latest security updates, see the release notes: https://os5releasenotes.mycloud.com/#/
Advisory Summary
Addressed a NAS Admin authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device. The vulnerability was addressed through enhanced validation of URI paths.
CVE Number: CVE-2020-28940, CVE-2020-28971
Reported by: Trapa Security working with Trend Micro’s Zero Day Initiative, and DEVCORE Security Team working with Trend Micro’s Zero Day Initiative
Hardened the operating system by removing an upload endpoint that could be used by an authenticated administrator to upload executable PHP scripts.
CVE Number: CVE-2020-28970
Reported by: Sam Thomas (@_s_n_t) of Pentest Ltd (@pentestltd) working with Trend Micro’s Zero Day Initiative
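The first item above says only that the authentication bypass was fixed "through enhanced validation of URI paths", which points at a well-known flaw class: an authentication gate that decides whether a request may proceed by matching the raw request path against an allowlist, while the router or filesystem behind it resolves the path differently. The following Python is an added, generic illustration of that class and of the fix (canonicalize once, then make every decision on the canonical path). It is not Western Digital's code, says nothing about how the My Cloud OS 5 flaw actually worked, and all paths, handler names and prefixes in it are hypothetical.

```python
"""Generic illustration of a URI-path allowlist in an authentication
gate and of how unnormalized path comparison can let a request reach a
privileged handler.  Added example, not Western Digital's code; every
path, prefix and handler name below is hypothetical."""

import posixpath
from urllib.parse import unquote

# Hypothetical: paths reachable without a session (login page, assets).
PUBLIC_PREFIXES = ("/login", "/static/")

# Hypothetical privileged handlers, keyed by canonical path.
PRIVILEGED_HANDLERS = {"/cgi-bin/admin": "admin_handler"}


def canonicalize(raw_path: str) -> str:
    """Reduce a request path to one canonical form before any decision
    is made on it.  Raises ValueError for paths that cannot be trusted."""
    path = raw_path.split("?", 1)[0]          # drop the query string
    decoded = unquote(path)                   # exactly one round of percent-decoding
    if "%" in decoded:                        # double-encoded: refuse rather than guess
        raise ValueError("double-encoded path")
    if "\x00" in decoded:                     # NUL can truncate C-string comparisons downstream
        raise ValueError("NUL byte in path")
    if not decoded.startswith("/"):
        raise ValueError("path must be absolute")
    norm = posixpath.normpath(decoded)        # collapses '//', resolves '.' and '..'
    while norm.startswith("//"):              # normpath keeps a leading '//' on POSIX
        norm = norm[1:]
    return norm


def naive_requires_auth(raw_path: str) -> bool:
    """Weak gate: matches the allowlist against the raw request path."""
    return not raw_path.startswith(PUBLIC_PREFIXES)


def hardened_requires_auth(raw_path: str) -> bool:
    """Hardened gate: matches the allowlist against the canonical path,
    i.e. the same path the router will resolve."""
    return not canonicalize(raw_path).startswith(PUBLIC_PREFIXES)


def dispatch(raw_path: str, authenticated: bool, gate) -> str:
    """Simulate the server: the gate decides whether a session is needed,
    then the router resolves the canonical path to a handler.
    Returns the handler name, '401' (no session) or '400' (bad path)."""
    try:
        target = canonicalize(raw_path)       # what the router actually serves
        needs_auth = gate(raw_path)           # what the gate decided
    except ValueError:
        return "400"
    if needs_auth and not authenticated:
        return "401"
    return PRIVILEGED_HANDLERS.get(target, "public_handler")


if __name__ == "__main__":
    # Constructed sample requests, all sent without a session.
    for raw in ("/cgi-bin/admin",
                "/login/../cgi-bin/admin",
                "/static/..%2fcgi-bin/admin",
                "/static/%252e%252e/cgi-bin/admin"):
        print(f"{raw:40} naive={dispatch(raw, False, naive_requires_auth):15}"
              f"hardened={dispatch(raw, False, hardened_requires_auth)}")
```

The point of `dispatch` is the mismatch it makes visible: with the naive gate, `/login/../cgi-bin/admin` passes the allowlist because the raw string begins with `/login`, yet the router serves `/cgi-bin/admin`. Percent-encoding a single `/` does the same thing. The hardened gate gives the router and the gate the same view of the request, and rejects outright anything (double encoding, NUL bytes) whose interpretation could differ between components.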