About CVE-2018-17153 vulnerability that's been fixed in v2.30.196 of the DL firmware


#1

So, for how long has this particular security vulnerability been known about by WD where it can let the entire planet have Admin access to the DL’s firmware?

https://www.google.com/search?q=CVE-2018-17153

https://www.exploitee.rs/index.php/Western_Digital_MyCloud

Here is an interesting question. Can’t test it now as I’ve applied the latest firmware. The default admin username is “Admin”. Would the vulnerability work if the user-name of the admin account was changed to something other than “Admin”?


#2

From my tests with a MyCloud Mirror 1st Gen (which most likely shares the same code base with others of the 2.11.x/2.30.x devices) it will work with every valid username (only tested with the ones having admin permissions).

But that is no big problem as you can easily enumerate valid usernames from the exposed Samba server.