Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-22816

MEDIUM
Published 2023-06-30T21:01:16.209Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-22816. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
6.0
/10
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2025.03.14
0.005
probability
of exploitation in the wild

There is a 0.5% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-06-25
Exploit Probability
Percentile: 0.661
Higher than 66.1% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED

Impact Metrics

Confidentiality
LOW
Integrity
HIGH
Availability
HIGH

Description

A post-authentication remote command injection vulnerability in a CGI file in Western Digital My Cloud OS 5 devices that could allow an attacker to build files with redirects and execute larger payloads.
This issue affects My Cloud OS 5 devices: before 5.26.300.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Western Digital

My Cloud OS 5

Affected Versions:

0
westerndigital

my_cloud_os_5

Affected Versions:

0
westerndigital

my_cloud_os_5

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-5fx6-86fq-8xxf

Advisory Details

A post-authentication remote command injection vulnerability in a CGI file in Western Digital My Cloud OS 5 devices that could allow an attacker to build files with redirects and execute larger payloads. This issue affects My Cloud OS 5 devices: before 5.26.300.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-22816
WEB https://www.westerndigital.com/support/product-security/wdc-23010-my-cloud-firmware-version-5-26-300

Advisory provided by GitHub Security Advisory Database. Published: July 1, 2023, Modified: April 4, 2024

References

https://www.westerndigital.com/support/product-security/wdc-23010-my-cloud-firmware-version-5-26-300
Published: 2023-06-30T21:01:16.209Z
Last Modified: 2024-09-09T14:39:16.112Z
Copied to clipboard!