My cloud os 5

This hub aggregates every CVE we track for My cloud os 5, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Hardware Firmware

CVEs tracked

Critical

High

In CISA KEV

Severity distribution

MEDIUM8CRITICAL7LOW1HIGH1

Monthly trend

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting My cloud os 5.

CVE-2023-22819Uncontrolled resource consumption vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products4.9Feb 5, 2024
CVE-2023-22817Server-side Request Forgery vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products5.5Feb 5, 2024
CVE-2023-22814Authentication Bypass issue in My Cloud OS 5 devices10.0Jun 30, 2023
CVE-2023-22815Post-authentication remote command injection vulnerability on Western Digital My Cloud OS 5 devices6.2Jun 30, 2023
CVE-2023-22816Limited Post-Authentication Remote Command Injection in My Cloud Products6.0Jun 30, 2023
CVE-2022-36331Impersonation attack causing an Authentication Bypass on Western Digital devices10.0Jun 12, 2023
CVE-2022-36328Path Traversal Vulnerability leading to an arbitrary file read in Western Digital devices5.8May 18, 2023
CVE-2022-36327Path traversal vulnerability leading to an arbitrary file write in Western Digital devices5.8May 18, 2023
CVE-2022-36326Resource Exhaustion Vulnerability in Western Digital devices4.4May 18, 2023
CVE-2022-29840Server Side Request Forgery Vulnerability in Western Digital My Cloud Devices5.1May 10, 2023
CVE-2022-29841OS Command Injection vulnerability in Western Digital My Cloud devices8.0May 10, 2023
CVE-2022-29842Command Injection Vulnerability in Western Digital My Cloud devices9.8May 10, 2023
CVE-2023-22813Device API endpoint missing access controls on Western Digital Mobile and Web Apps3.3May 8, 2023
CVE-2020-29563An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the device.9.8Dec 11, 2020
CVE-2020-28970An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands ...9.8Dec 1, 2020

Product normalization is registry-driven with AI assist and human review. How it works