Remote Code Execution Vulnerability in Western Digital My Cloud NAS Devices

Remote Code Execution Vulnerability in Western Digital My Cloud NAS Devices

CVE-2020-27159 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114

Learn more about our Cloud Audit.