WD My Cloud Command Injection - Access All Private Folders | VerSprite WD My Cloud Command Injection - Access All Private Folders | VerSprite

WD My Cloud Command Injection – Access All Private Folders

Written By: Versprite


This video is a demonstration of the command injection vulnerability in the WD My Cloud NAS. It shows that it is possible to remotely access every folder and file on the NAS regardless of permissions.

VerSprite's Approach to Security

At VerSprite, we approach security from a holistic risk management perspective, understanding security from business and attacker perspectives.

Our approach goes beyond assessing security controls. We examine credible threats to understand the likelihood of a real-world abuse case and measure the magnitude of business impact if a breach should occur. By developing a holistic business risk view, security decisions become business decisions. Explore Security Offerings →

Receive Security News





We are an international squad of professionals working as one.

logos