WD My Cloud Command Injection – Access All Private Folders

WD My Cloud NAS

This video is a demonstration of the command injection vulnerability in the WD My Cloud NAS. It shows that it is possible to remotely access every folder and file on the NAS regardless of permissions.

Offensive Minded Security Exploit Development

VerSprite's Research and Development division (a.k.a VS-Labs) is comprised of individuals who are passionate about diving into the internals of various technologies. Our clients rely on VerSprite's unique offerings of zero-day vulnerability research and exploit development to protect their assets from various threat actors. From advanced technical security training to our research for hire B.O.S.S offering, we help organizations solve their most complex technical challenges. Learn more →

Subscribe for Our Updates

Subscribe for Our Updates

Please enter your email address and receive the latest updates.