Pre-Authenticated Stack Overflow Vulnerability in My Cloud OS 5 FTP Service

Pre-Authenticated Stack Overflow Vulnerability in My Cloud OS 5 FTP Service

CVE-2022-22989 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues.

Learn more about our Cloud Audit.