My cloud ex2 ultra
This hub aggregates every CVE we track for My cloud ex2 ultra, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
12
CVEs tracked
2
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM6HIGH4CRITICAL2
Monthly trend
0
0
1
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 12 most recently published vulnerabilities affecting My cloud ex2 ultra.
- CVE-2025-30247An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a sp...9.8
- CVE-2024-22170Unchecked buffer in Dynamic DNS client8.1
- CVE-2023-22819Uncontrolled resource consumption vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products4.9
- CVE-2023-22817Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products5.5
- CVE-2023-22815Post-authentication remote command injection vulnerability on Western Digital My Cloud OS 5 devices6.2
- CVE-2023-22816Limited Post-Authentication Remote Command Injection in My Cloud Products6.0
- CVE-2022-36331Impersonation attack causing an Authentication Bypass on Western Digital devices10.0
- CVE-2022-36327Path traversal vulnerability leading to an arbitrary file write in Western Digital devices5.8
- CVE-2022-29841OS Command Injection vulnerability in Western Digital My Cloud devices8.0
- CVE-2022-29844Western Digital My Cloud OS 5 arbitrary file read and write vulnerability via ftp6.7
- CVE-2022-23000Weak Default SSL use in Port Forwarding Service7.3
- CVE-2021-3310Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB and AFP shares. This can lead to code execution and information disclosure (by reading local files).7.8
Product normalization is registry-driven with AI assist and human review. How it works