This video is a demonstration of the command injection vulnerability in the WD My Cloud NAS. It shows that it is possible to remotely access every folder and file on the NAS regardless of permissions.
At VerSprite, we approach security from a holistic risk management perspective, understanding security from business and attacker perspectives.
Our approach goes beyond assessing security controls. We examine credible threats to understand the likelihood of a real-world abuse case and measure the magnitude of business impact if a breach should occur. By developing a holistic business risk view, security decisions become business decisions. Explore Security Offerings →