Western Digital My Cloud flaws allows local attacker to gain root access to the devices

Your Feed is from https://www.safeharboroncyber.com/Blog/
CyberWisdom Safe Harbor Commentary:
A recent story from securityaffairs.co explains how Trustwave researchers revealed that two new Western Digital vulnerabilities My Cloud network storage devices may be used by local attackers to delete files stored on the device or execute shell commands as root.
These two Western Digital My Cloud vulnerabilities are an arbitrary command execution vulnerability and an arbitrary file deletion problem. This arbitrary command execution vulnerability affects the public gateway interface script “nas_sharing.cgi”, which allows local users to execute shell commands as root. Hard-coded credentials allow any user to authenticate the device with the user name “mydlinkBRionyg”.
“The first discovery was the discovery of hard-coded administrator credentials in nas_sharing.cgibinary that allow anyone to authenticate the device with the username” mydlinkBRionyg. “State the Trustwave-published analysis.” Considering how many devices were affected This is very serious. Interestingly, another researcher released the same issue independently less than a month ago. ”
The arbitrary file deletion vulnerability is also bound to the public gateway interface script “nas_sharing.cgi”.
Another issue I have found in nas_sharing.cgi is to allow any user to execute shell commands as root. To take advantage of this issue, you can use the “artist” parameter. “Continue to analyze.
Western my cloud account
By linking these two flaws, you can execute the command as root, a local attacker can log in with hard-coded credentials and use base64 encoding to execute the commands passed in the “artist” parameter.
The affected Western Digital models include My Cloud Gen 2, My Cloud PR2100, My Cloud PR4100, My Cloud EX2 Ultra, My Cloud EX2, My Cloud EX4, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100 and My Cloud DL4100.
Trustwave reported these issues to Western Digital in 2017 and, according to the researchers, the vulnerabilities were fixed in an update to the firmware (version 2.30.172) released on November 16, 2017.
Read more…
Trustwave disclosed two vulnerabilities in Western Digital My Cloud network storage devices could be exploited by a local attacker to gain root access to the NAS devices. Researchers at Trustwave disclosed two new vulnerabilities in Western Digital My Cloud network storage devices could be exploited by a local attacker to delete files stored on devices or to… Engaging post, Read More…
thumbnail courtesy of securityaffairs.co
If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post

The post Western Digital My Cloud flaws allows local attacker to gain root access to the devices appeared first on Safe Harbor on Cyber.