Western Digital My Cloud Cross Site Request Forgery

2017.03.08
Credit: Remco Vermeulen
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-352

------------------------------------------------------------------------ Western Digital My Cloud vulnerable to Cross-Site Request Forgery vulnerability ------------------------------------------------------------------------ Remco Vermeulen, January 2017 ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ It was discovered that the Western Digital My Cloud is affected by Cross-Site Request Forgery. This issue can be combined with a command injection vulnerability (see advisory SFY201703) to gain complete control (root access) of the affected device. ------------------------------------------------------------------------ See also ------------------------------------------------------------------------ - https://securify.nl/advisory/SFY20170102/authentication_bypass_vulnerability_in_western_digital_my_cloud.html - https://securify.nl/advisory/SFY20170103/western_digital_my_cloud_vulnerable_to_multiple_command_injection_vulnerabilities.html ------------------------------------------------------------------------ Tested versions ------------------------------------------------------------------------ This issue was successfully verified on a Western Digital My Cloud model WDBCTL0020HWT running firmware version 2.21.126. The issue isn't limited to the used model since most of the products in the My Cloud series share the same (vulnerable) code. ------------------------------------------------------------------------ Fix ------------------------------------------------------------------------ There is currently no fix available. ------------------------------------------------------------------------ Details ------------------------------------------------------------------------ https://www.securify.nl/advisory/SFY20170104/western_digital_my_cloud_vulnerable_to_cross_site_request_forgery_vulnerability.html Western Digital My Cloud is a low-cost entry-level network-attached storage device. It was discovered that the Western Digital My Cloud is affected by Cross-Site Request Forgery. When combined with command injection (see advisory SFY201703) this issue allows an attacker to gain complete control (root access) of the affected device. This issue exists due to the fact that the My Cloud device lacks protection against Cross-Site Request Forgery attacks. In order to exploit this vulnerability, an attacker has to lure an authenticated My Cloud device user (some command injections require an admin user whereas others also allow users with fewer privileges) into executing a malicious link crafted to exploit a command injection in a vulnerable My Cloud device.

References:

https://securify.nl/advisory/SFY20170102/authentication_bypass_vulnerability_in_western_digital_my_cloud.html


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top