Ibi

This hub aggregates every CVE we track for Ibi, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 13 most recently published vulnerabilities affecting Ibi.

• CVE-2023-22819Uncontrolled resource consumption vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products4.9Feb 5, 2024
• CVE-2023-22817Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products5.5Feb 5, 2024
• CVE-2022-36331Impersonation attack causing an Authentication Bypass on Western Digital devices10.0Jun 12, 2023
• CVE-2022-36328Path Traversal Vulnerability leading to an arbitrary file read in Western Digital devices5.8May 18, 2023
• CVE-2022-36327Path traversal vulnerability leading to an arbitrary file write in Western Digital devices5.8May 18, 2023
• CVE-2022-36326Resource Exhaustion Vulnerability in Western Digital devices4.4May 18, 2023
• CVE-2022-36329Denial of Service over OTA mechanism in Western Digital My Cloud Home and ibi devices4.4May 10, 2023
• CVE-2022-36330Buffer Overflow Vulnerability in Western Digital My Cloud Home and ibi devices1.9May 9, 2023
• CVE-2022-29837Path traversal Vulnerability in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi Devices4.7Dec 1, 2022
• CVE-2022-29836Post-Auth Path Traversal Vulnerability Allows to Custom Package Installation via HTTP API1.9Nov 9, 2022
• CVE-2022-23006Buffer Overflow Vulnerability in Western Digital My Cloud Home Products and SanDisk ibi1.8Sep 27, 2022
• CVE-2020-10951Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages.4.7Apr 15, 2020
• CVE-2020-8990Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation.9.1Feb 20, 2020