← back
CVE-2022-36330

Buffer Overflow Vulnerability in Western Digital My Cloud Home and ibi devices

CVSS 1.9 LOWEPSS 0.6%CWE-120
A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their privileges in order to exploit this buffer overflow vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191. 
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
Affected products
SanDisk · ibiWestern Digital · My Cloud Home and My Cloud Home Duo

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.westerndigital.com/support/product-security/wdc-23003-western-digital-my-cloud-home-my-cloud-home-duo-and-sandisk-ibi-firmware-version-9-4-0-191