WD My Cloud Command Injection - Access All Private Folders WD My Cloud Command Injection - Access All Private Folders

Home  |  Resources  |  WD My Cloud

WD My Cloud Command Injection – Access All Private Folders

< Back to Blog Home

WD My Cloud NAS

This video is a demonstration of the command injection vulnerability in the WD My Cloud NAS. It shows that it is possible to remotely access every folder and file on the NAS regardless of permissions.

Offensive Minded Security Exploit Development

VerSprite's Research and Development division (a.k.a VS-Labs) is comprised of individuals who are passionate about diving into the internals of various technologies. Our clients rely on VerSprite's unique offerings of zero-day vulnerability research and exploit development to protect their assets from various threat actors. From advanced technical security training to our research for hire B.O.S.S offering, we help organizations solve their most complex technical challenges. Learn more →

We are an international squad of professionals working as one.

logos