CVE-2022-29844 (my_cloud_dl2100_firmware, my_cloud_dl4100_firmware, my_cloud_ex2_ultra_firmware, my_cloud_ex2100_firmware, my_cloud_ex4100_firmware, my_cloud_mirror_g2_firmware, my_cloud_pr2100_firmware, my_cloud_pr4100_firmware)

A vulnerability in the FTP service of Western Digital My Cloud OS 5 devices running firmware versions prior to 5.26.119 allows an attacker to read and write arbitrary files. This could lead to a full NAS compromise and would give remote execution capabilities to the attacker.

capabilities cloud compromise cve devices digital files firmware ftp my cloud my cloud os nas service vulnerability western western digital western digital my cloud