CVE-2019-9950 : What You Need to Know
Learn about CVE-2019-9950, an authentication bypass vulnerability in Western Digital My Cloud, allowing unauthorized access. Find mitigation steps and affected systems here.
A vulnerability in the firmware of various Western Digital My Cloud devices allows attackers to bypass authentication and gain unauthorized access.
Understanding CVE-2019-9950
This CVE describes an authentication bypass vulnerability affecting multiple Western Digital My Cloud devices.
What is CVE-2019-9950?
The vulnerability allows attackers to access the control panel API with a default empty password, potentially leading to unauthorized access.
The Impact of CVE-2019-9950
The vulnerability enables attackers to modify web page source code and gain access to affected My Cloud devices as non-administrator users.
Technical Details of CVE-2019-9950
This section provides technical insights into the vulnerability.
Vulnerability Description
The issue lies in the login_mgr.cgi file's credential verification process, where the "nobody" account has a default empty password.
Affected Systems and Versions
- Western Digital My Cloud
- My Cloud Mirror Gen2
- My Cloud EX2 Ultra
- My Cloud EX2100
- My Cloud EX4100
- My Cloud DL2100
- My Cloud DL4100
- My Cloud PR2100
- My Cloud PR4100
Exploitation Mechanism
Attackers exploit the default empty password of the "nobody" account to access the control panel API and modify web page source code.
Mitigation and Prevention
Protect your systems from this vulnerability with the following steps:
Immediate Steps to Take
- Change the default password of the "nobody" account
- Apply firmware updates provided by Western Digital
Long-Term Security Practices
- Regularly update firmware and security patches
- Implement strong password policies and multi-factor authentication
Patching and Updates
- Update affected devices to firmware version 2.31.174 or later