Server-Side Request Forgery (SSRF) in Western Digital products - CVE-2022-29840
Published: January 3, 2023 / Updated: June 9, 2023
Vulnerability identifier: #VU70656
CSH Severity: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2022-29840
CWE-ID: CWE-918
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
My Cloud PR2100
My Cloud PR4100
My Cloud EX4100
My Cloud EX2 Ultra
My Cloud Mirror G2
My Cloud DL2100
My Cloud DL4100
My Cloud EX2100
WD Cloud
My Cloud
My Cloud Home
My Cloud Home Duo
SanDisk ibi
My Cloud PR2100
My Cloud PR4100
My Cloud EX4100
My Cloud EX2 Ultra
My Cloud Mirror G2
My Cloud DL2100
My Cloud DL4100
My Cloud EX2100
WD Cloud
My Cloud
My Cloud Home
My Cloud Home Duo
SanDisk ibi
Software vendor:
Western Digital
Western Digital
Description
The disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to insufficient validation of user-supplied input within the RESTSDK server. A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
Remediation
Install updates from vendor's website.