CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27159

Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114

Exploit prediction scoring system (EPSS) score

EPSS Score 0.083

EPSS Ranking 91.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2020-27159

Westerndigital » My Cloud Ex4100 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_ex4100:-
Westerndigital » My Cloud Expert Series Ex2 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_expert_series_ex2:-
Westerndigital » My Cloud Mirror - Gen 2 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_mirror_-_gen_2:-
Westerndigital » My Cloud Pr2100 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_pr2100:-
Westerndigital » My Cloud Pr4100 » Version: N/A

cpe:2.3:h:westerndigital:my_cloud_pr4100:-
Westerndigital » My Cloud Firmware » Version: N/A

cpe:2.3:o:westerndigital:my_cloud_firmware:-
Westerndigital » My Cloud Firmware » Version: 04.05.00-320

cpe:2.3:o:westerndigital:my_cloud_firmware:04.05.00-320
Westerndigital » My Cloud Firmware » Version: 2.31.149

cpe:2.3:o:westerndigital:my_cloud_firmware:2.31.149
Westerndigital » My Cloud Firmware » Version: 2.31.163

cpe:2.3:o:westerndigital:my_cloud_firmware:2.31.163
Westerndigital » My Cloud Firmware » Version: 2.31.174

cpe:2.3:o:westerndigital:my_cloud_firmware:2.31.174
Westerndigital » My Cloud Firmware » Version: 2.31.183

cpe:2.3:o:westerndigital:my_cloud_firmware:2.31.183

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27159

Products

Pricing

Contact Us