Western Digital Patch a critical Vulnerability

Friday, October 30, 2020, 11:18 GMT

Before 5.04.114, a problem was discovered on Western Digital My Cloud NAS computers. They allow remote code execution with privilege escalation resulting from that.


Details:

The kernel for Linux has been patched to 4.14 LTS.

It has strengthened and hardened the security of the device’s administrative functions.

The admin user now has a password, and only a new security frontend has limited the admin dashboard and applications to admin access. Non-admin users are no longer authorized to view or connect with the device’s privileged CGI processes or applications, which decreases the operating system ‘s threat surface and eliminates many groups of bugs in remote code execution.

The admin dashboard now also supports HTTPS via Let’s Encrypt with automatic certificate creation.

If the user has been able to receive a legitimate certificate and the user can be correctly resolved by the browser, the browser will be immediately redirected to HTTPS when the admin dashboard is accessed.

Summary

Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution.

CVE Number: CVE-2020-12830
Reported by: Jae Young Jeong

Resolved vulnerability in FTP configuration that allowed full access to FTP shares.

Reported by: Miguel Carnero Gregorio

Addressed multiple remote code execution vulnerabilities that allowed escalation of privileges.

CVE Number: CVE-2020-25765CVE-2020-27158CVE-2020-27159CVE-2020-27160CVE-2020-27744
Reported by: Abdulla Ismayilov of UnderDefense

Sources:

Westerndigital