CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27158

Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.107

EPSS Ranking 92.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2020-27158

Westerndigital » My Cloud Ex4100 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_ex4100:-
Westerndigital » My Cloud Expert Series Ex2 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_expert_series_ex2:-
Westerndigital » My Cloud Mirror - Gen 2 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_mirror_-_gen_2:-
Westerndigital » My Cloud Pr2100 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_pr2100:-
Westerndigital » My Cloud Pr4100 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_pr4100:-
Westerndigital » My Cloud Firmware » Version: N/A

cpe:2.3:o:westerndigital:my_cloud_firmware:-
Westerndigital » My Cloud Firmware » Version: 04.05.00-320

cpe:2.3:o:westerndigital:my_cloud_firmware:04.05.00-320
Westerndigital » My Cloud Firmware » Version: 2.31.149

cpe:2.3:o:westerndigital:my_cloud_firmware:2.31.149
Westerndigital » My Cloud Firmware » Version: 2.31.163

cpe:2.3:o:westerndigital:my_cloud_firmware:2.31.163
Westerndigital » My Cloud Firmware » Version: 2.31.174

cpe:2.3:o:westerndigital:my_cloud_firmware:2.31.174
Westerndigital » My Cloud Firmware » Version: 2.31.183

cpe:2.3:o:westerndigital:my_cloud_firmware:2.31.183

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27158

Products

Pricing

Contact Us