WD Cloud backdoor and security vulnerabilities

3
Found 8th Jan
Guys

Just read an article on a significant raft of exploits against the Cloud range of WD products. Most of the current crop of both home and SOHO devices are affected (save for any v4 firmware boxes): -

MyCloud
MyCloudMirror
My Cloud Gen 2
My Cloud PR2100
My Cloud PR4100
My Cloud EX2 Ultra
My Cloud EX2
My Cloud EX4
My Cloud EX2100
My Cloud EX4100
My Cloud DL2100
My Cloud DL4100

Source: gulftech.org/adv…125

From what I've read of this bloke's analysis, the number and degree of the exploits are staggering. A hard coded backdoor, sloppy copy/paste methods from another supplier and code that was left unpatched since 2014.

You'd think WD had learnt from their earlier mistakes but as an owner of one of their top tier products, I'm left very miffed.

Heads-up to everyone to get patching to the November firmwares.

Pops

  1. Misc
Groups
  1. Misc
3 Comments

Yep wouldn’t buy that carp if you paid me.
Edited by: "cmdr_elito" 8th Jan

It's raining bugs from the clouds.
It will be locusts next then we will know the end is nigh.
Bring out your dead.
Post a comment
Avatar
@
    Text