Unauthenticated Remote Command Injection Vulnerability in Western Digital MyCloud NAS 2.11.142

Unauthenticated Remote Command Injection Vulnerability in Western Digital MyCloud NAS 2.11.142

CVE-2016-10108 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data.

Learn more about our Web App Pen Testing.