WD’s My Cloud family of personal cloud products is potentially susceptible to the BASH/ Shellshock vulnerability. WD’s default software configuration and typical deployment for My Cloud devices lowers the risk to this threat. WD takes this threat seriously and is working on a patch to address this issue.
CVE-2014-6271 (original shellshock): not vulnerable
CVE-2014-6277 (segfault): not vulnerable
CVE-2014-6278 (Florian’s patch): not vulnerable
CVE-2014-7169 (taviso bug): not vulnerable
CVE-2014-7186 (redir_stack bug): not vulnerable
CVE-2014-7187 (nested loops off by one): not vulnerable
CVE-2014-//// (exploit 3 on http://shellshocker.net/): not vulnerable