CVE-2022-22990

Description

A limited authentication bypass vulnerability was discovered that could allow an attacker to achieve remote code execution and escalate privileges on the My Cloud devices. Addressed this vulnerability by changing access token validation logic and rewriting rule logic on PHP scripts.

Related CPE's

owesterndigitalmy_cloud_os********

hwesterndigitalmy_cloud-*******

hwesterndigitalmy_cloud_dl2100-*******

hwesterndigitalmy_cloud_dl4100-*******

hwesterndigitalmy_cloud_ex2_ultra-*******

hwesterndigitalmy_cloud_ex2100-*******

hwesterndigitalmy_cloud_ex4100-*******

hwesterndigitalmy_cloud_mirror_gen_2-*******

hwesterndigitalmy_cloud_pr2100-*******

hwesterndigitalmy_cloud_pr4100-*******

References

https://www.westerndigital.com/support/product-security/wdc-22002-my-cloud-os5-firmware-5-19-117

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-22-076/

Third Party AdvisoryVDB Entry

https://www.zerodayinitiative.com/advisories/ZDI-22-347/

Third Party AdvisoryVDB Entry

CvssV3 impact

Version

3.1

VectorString

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AttackVector

ADJACENT_NETWORK

AttackComplexity

LOW

PrivilegesRequired

NONE

UserInteraction

NONE

Scope

UNCHANGED

ConfidentialityImpact

HIGH

IntegrityImpact

HIGH

AvailabilityImpact

HIGH

BaseScore

8.8

BaseSeverity

HIGH

CvssV2 impact

Version

2.0

VectorString

AV:A/AC:L/Au:N/C:C/I:C/A:C

AccessVector

ADJACENT_NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

8.300000190734863

Created by Yello
About Severity.io