Feb. 6, 2024, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100 NAS devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.3. The following CVEs are assigned: CVE-2023-22817.

arbitrary code attackers authentication code cve cves cvss devices digital exploit forgery mycloud nas network pwn2own rating request server server-side request forgery vulnerability western western digital zdi

More from www.zerodayinitiative.com / ZDI: Published Advisories

Solution Architect H/F

@ Exotec | Lille, Hauts-de-France, France

Chef de projet Sécurité SI

@ Alter Solutions | Paris, France

Audit Manager / Sr Audit Manager IT - 90379779 - Washington

@ Amtrak | Washington, DC, US, 20002

Auditor IT - 90379778 - Washington

@ Amtrak | Washington, DC, US, 20002

1210/ 1241/ 1155 - Senior Network Engineer

@ Sigma Defense | San Diego, California, United States

SharePoint Cloud Administrator

@ Resource Management Concepts, Inc. | Dahlgren, Virginia, United States