Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Western Digital — Vulnerabilities & Security Advisories 44

Browse all 44 CVE security advisories affecting Western Digital. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Western Digital manufactures data storage solutions, including hard drives, solid-state drives, and network-attached storage devices, serving both consumer and enterprise markets. The company’s product portfolio, particularly its NAS and cloud-connected storage units, has historically been associated with numerous security flaws. Recorded vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insecure web interfaces or firmware components. These weaknesses allow attackers to potentially gain unauthorized access to stored data or compromise the underlying device. While specific major public breaches are less documented compared to larger software vendors, the high volume of Common Vulnerabilities and Exposures indicates persistent challenges in securing embedded systems and web management consoles. Maintaining robust firmware updates and secure configuration practices remains critical for mitigating risks associated with these storage appliances.

Found 14 results / 44Clear Filters
Top products by Western Digital: My Cloud My Cloud OS 5 My Cloud Home My Cloud Home and My Cloud Home Duo Sweet B Library WD Discovery TV Media Player EdgeRover My Cloud OS 5 Mobile App My Cloud Home web app
CVE IDTitleCVSSSeverityPublished
CVE-2025-30247 Western Digital My Cloud 安全漏洞 — My CloudCWE-78 9.8AICriticalAI2025-09-29
CVE-2024-22170 Unchecked buffer in Dynamic DNS client — My CloudCWE-119 9.8AICriticalAI2024-09-27
CVE-2022-29843 Western Digital My Cloud OS 5 devices Command Injection Vulnerability — My CloudCWE-78 6.2 Medium2023-01-25
CVE-2022-29844 Western Digital My Cloud OS 5 arbitrary file read and write vulnerability via ftp — My CloudCWE-23 6.7 Medium2023-01-25
CVE-2022-29838 Authentication issue with the encrypted volumes and auto mount feature in My Cloud devices — My CloudCWE-287 4.3 Medium2022-12-09
CVE-2022-29839 Remote Backups Application Discloses Stored Credentials — My CloudCWE-522 4.1 Medium2022-12-09
CVE-2022-22999 Cross-site Scripting Vulnerability in USB Backups App — My CloudCWE-79 8.2 High2022-07-25
CVE-2022-23000 Weak Default SSL use in Port Forwarding Service — My CloudCWE-757 7.3 High2022-07-25
CVE-2022-22995 Western Digital My Cloud OS 5 and My Cloud Home Unauthenticated Arbitrary File Write Vulnerability in Netatalk — My CloudCWE-59 10.0 Critical2022-03-25
CVE-2022-22994 Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability on Western Digital My Cloud devices. — My CloudCWE-345 8.8 High2022-01-28
CVE-2022-22993 Limited Server-Side Request Forgery vulnerability on Western Digital My Cloud devices. — My CloudCWE-918 7.8 High2022-01-28
CVE-2022-22990 Limited authentication bypass vulnerability on Western Digital My Cloud devices — My CloudCWE-287 7.8 High2022-01-13
CVE-2022-22991 Command injection through unsecured HTTP calls on Western Digital My Cloud devices — My CloudCWE-78 7.8 High2022-01-13
CVE-2022-22989 Pre-authenticated stack overflow vulnerability on FTP Service — My CloudCWE-121 9.8 Critical2022-01-13

This page lists every published CVE security advisory associated with Western Digital. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.