CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9951

Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is affected by an unauthenticated file upload vulnerability. The page web/jquery/uploader/uploadify.php can be accessed without any credentials, and allows uploading arbitrary files to any location on the attached storage.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2019-9951

Western Digital » My Cloud » Version: N/A

cpe:2.3:h:western_digital:my_cloud:-
Western Digital » My Cloud Dl2100 » Version: N/A

cpe:2.3:h:western_digital:my_cloud_dl2100:-
Western Digital » My Cloud Dl4100 » Version: N/A

cpe:2.3:h:western_digital:my_cloud_dl4100:-
Western Digital » My Cloud Ex2100 » Version: N/A

cpe:2.3:h:western_digital:my_cloud_ex2100:-
Western Digital » My Cloud Ex2 Ultra » Version: N/A

cpe:2.3:h:western_digital:my_cloud_ex2_ultra:-
Western Digital » My Cloud Ex4100 » Version: N/A

cpe:2.3:h:western_digital:my_cloud_ex4100:-
Western Digital » My Cloud Mirror Gen 2 » Version: N/A

cpe:2.3:h:western_digital:my_cloud_mirror_gen_2:-
Western Digital » My Cloud Pr2100 » Version: N/A

cpe:2.3:h:western_digital:my_cloud_pr2100:-
Western Digital » My Cloud Pr4100 » Version: N/A

cpe:2.3:h:western_digital:my_cloud_pr4100:-
Western Digital » My Cloud Dl2100 » Version: Any

cpe:2.3:o:western_digital:my_cloud_dl2100:*
Western Digital » My Cloud Dl4100 Firmware » Version: Any

cpe:2.3:o:western_digital:my_cloud_dl4100_firmware:*
Western Digital » My Cloud Ex2100 Firmware » Version: Any

cpe:2.3:o:western_digital:my_cloud_ex2100_firmware:*
Western Digital » My Cloud Ex2 Ultra Firmware » Version: Any

cpe:2.3:o:western_digital:my_cloud_ex2_ultra_firmware:*
Western Digital » My Cloud Ex4100 » Version: Any

cpe:2.3:o:western_digital:my_cloud_ex4100:*
Western Digital » My Cloud Firmware » Version: Any

cpe:2.3:o:western_digital:my_cloud_firmware:*
Western Digital » My Cloud Mirror Gen 2 Firmware » Version: Any

cpe:2.3:o:western_digital:my_cloud_mirror_gen_2_firmware:*
Western Digital » My Cloud Pr2100 Firmware » Version: Any

cpe:2.3:o:western_digital:my_cloud_pr2100_firmware:*
Western Digital » My Cloud Pr4100 » Version: Any

cpe:2.3:o:western_digital:my_cloud_pr4100:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9951

Products

Pricing

Contact Us