Hi all,
I’m using the latest firmware (2.11.169) on a WD EXT4. I read about the hard coded password/backdoor in the past (WD My Cloud NAS devices have hard-wired backdoor • The Register) and wanted to confirm the problem is fixed.
I ran OpenVAS on my LAN and it was able to get root access on my NAS. The vulnerabilities here (Western Digital MyCloud - Exploitee.rs) have not been fixed.
The version of libupnp WD uses is 1.6.6 and contains multiple buffer overflow vulnerabilities (CVE-2012-5958, CVE-2012-5959, CVE-2012-5960, CVE-2012-5961, CVE-2012-5962, CVE-2012-5963, CVE-2012-5964, CVE-2012-5965) and needs to be updated to version 1.6.18.
Additionally, the Twonky server web console has no protection on MyCloud. You can see this by visiting http://your_nas_ip:9000/.
I know this is cheap quality consumer grade hardware but these vulnerabilities are unacceptable and undermine any of the security features advertised.
Is there an ETA for each of these items to be fixed? OpenVAS came back with other vulnerabilities but the ones listed above will lead to remote compromise and that’s what I can’t accept.
In the meantime, while we’re vulnerable, I’d like to set up additional logging and monitoring. Does MyCloud support logging web access and general syslog to a remote syslog server? Thanks.