Penetration Testing Methodology: Emulating Realistic Attacks by a Malicious Actor
The foundation of VerSprite’s penetration testing methodology is based on emulating realistic attacks by a malicious actor through the use of PASTA (Process for Attack Simulation and Threat Analysis).
WD My Cloud Command Injection – Remote Root with WebRTC
Western Digital My Cloud Command Injection
The WD My Cloud with firmware versions 04.01.03-421 and 04.01.04-422 suffer from command injection and cross-site request forgery (“CSRF”) vulnerabilities. These and a number of other issues have been reported to Western Digital.
As of September 11, 2015 updates are in the process of being rolled out for the My Cloud, My Cloud Mirror, EX2, DL2100, and other devices. The firmware will be made available to the general public September 21st 2015.
Offensive Minded Security Exploit Development
VerSprite’s Research and Development division (a.k.a VS-Labs) is comprised of individuals who are passionate about diving into the internals of various technologies. Our clients rely on VerSprite’s unique offerings of zero-day vulnerability research and exploit development to protect their assets from various threat actors. From advanced technical security training to our research for hire B.O.S.S offering, we help organizations solve their most complex technical challenges. Learn more →
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
- /
Related Resources
Subscribe for Our Updates
Please enter your email address and receive the latest updates.
