Want to get paid for a vulnerability similar to this one?
Contact us at: email@example.com
See our full scope at: https://blogs.securiteam.com/index.php/product_scope
A vulnerability in the Western Digital My Cloud Pro Series PR2100 allows authenticated users to execute commands arbitrary commands.
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
The vendor was notified on the 28th of November 2017, and responded that they take security seriously and will be fixing this vulnerability promptly, repeated attempts to get a timeline or fix failed, the last update received from them was on the 31st of Jan 2018, no further emails sent to the vendor were responded. We are not aware of any fix or remediation for this vulnerability.
Continue reading SSD Advisory – Western Digital My Cloud Pro Series PR2100 Authenticated RCE