Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Western Digital’s My Cloud NAS Devices Turn Out to Be Easily Hacked

Western Digital’s My Cloud NAS Devices Turn Out to Be Easily Hacked

Security researchers have discovered an authentication bypass vulnerability in Western Digital’s My Cloud NAS devices that potentially allows an unauthenticated attacker to gain admin-level control to the affected devices.

Western Digital’s My Cloud (WD My Cloud) is one of the most popular network-attached storage (NAS) devices which is being used by businesses and individuals to host their files, as well as backup and sync them with various cloud and web-based services.

The WD My Cloud devices let users not only share files in a home network but its private cloud feature also allows them to access their data from anywhere around the world at any time.

However, security researchers at Securify have discovered an authentication bypass vulnerability on the WD My Cloud NAS boxes that could allow unauthenticated attackers with network access to the device to escalate their privileges to admin-level without needing to provide a password.

This would eventually allow attackers to run commands that would typically require administrative privileges and gain complete control of the affected NAS device, including their ability to view, copy, delete and overwrite any files that are stored on the device.

Here’s How Easy it is to Hack a WD My Cloud Storage Boxes

The vulnerability, designated CVE-2018-17153, resides in the way WD My Cloud creates an admin session tied to an IP address.

By simply including the cookie username=admin to an HTTP CGI request send by an attacker to the device’s web interface, the attacker can unlock admin access and gain access to all the content stored on the NAS box.

Securify researchers have also published a proof-of-concept (PoC) exploit showing how the vulnerability can be exploited with just a few lines of code.

Obviously, the exploit requires either a local network or internet connection to a WD My Cloud device in order to be run the command and bypasses the NAS device’s usual login requirements.

The researchers successfully verified the vulnerability on a Western Digital My Cloud model WDBCTL0020HWT running firmware version 2.30.172, though they claimed that this issue is not limited to the model, as most products in the My Cloud series share the same “vulnerable” code.

Securify researchers found the issue while reverse engineering the CGI binaries to look for security bugs, and reported it to Western Digital in April 2017, but did not receive any response from the company.

After almost one-and-half years of silence from Western Digital, researchers finally publicly disclosed the vulnerability, which is still unpatched.

This is not the first time Western Digital has ignored the security of its My Cloud NAS device users.

Earlier this year, a researcher publicly disclosed several vulnerabilities in Western Digital’s My Cloud NAS devices, including a hard-coded password backdoor issue in their firmware after the company did not address the issue, which was reported 180 days before making it public.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket