Vulnerability: Symbolic Link Following on SMB and AFP Shares in Western Digital My Cloud OS 5 Devices

Vulnerability: Symbolic Link Following on SMB and AFP Shares in Western Digital My Cloud OS 5 Devices

CVE-2021-3310 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB and AFP shares. This can lead to code execution and information disclosure (by reading local files).

Learn more about our Cloud Audit.