The MyCloud Auth Vulnerability Fixed by Western Digital with a Hotfix

  • 88

Western Digital have just released a hotfix as part of a firmware update to resolve the authentication bypass vulnerability (CVE-2018-17153) which was previously affecting MyCloud NAS Devices for over a year. The vulnerability allows for anyone to bypass authentication and get administrative access to the router. Once the attacker gains access to the router, they can flash it with a custom firmware and change the DNS to point to phishing based websites.

More Information about Authentication Bypass Vulnerability

When did WD take this issue into a priority?

After gaining a lot of attention from the media , WD posted a tweet stating that they are working on a fix for this vulnerability.

If you are using the WD MyCloud NAS Devices you can download the firmware from the WD’s website.

Firmware Download

Instructions on how to install the firmware update can be found in this security notice.

Take your time to comment on this article.


Harikrishna Mekala

I am a programmer and tech enthusiast who loves to use my creative skills to solve complex problems. I also love to stay abreast of what is happening in the world of technology, reach me at: [email protected]

Do NOT follow this link or you will be banned from the site!