Security Advisory

CVE-2022-29840

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-10 22:09:28

Last updated 2025-01-24 21:01:46

Assigner WDC PSIRT

State PUBLISHED

Description

Server-Side Request Forgery (SSRF) vulnerability that could allow a rogue server on the local network to modify its URL to point back to the loopback adapter was addressed in Western Digital My Cloud OS 5 devices. This could allow the URL to exploit other vulnerabilities on the local server.This issue affects My Cloud OS 5 devices before 5.26.202.

← Browse all CVEs View on cve.org ↗