I have a 2TB MyCloud with firmware version v04.01.02-417
When I ssh into the device and run “smbd -V” the samba version is indicated to be 4.0.0rc5.
Unfortunately, 4.0.0rc5 is probably susceptible a remote code execution vulnerability in nmbd (the netbios name server). Does WD backport security fixes? Having reviewed the available source code it does not appear to be backported, but I may be blind.
Relevant NIST entry for the CVE is here: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3560