CVE-2024-22170

9.2

Critical

Published:27 Sep 2024

Last updated:17 Jun 2026

Source:psirt@wdc.com

Deferred

Weakness (CWE)

CWE-119Improper Restriction of Memory Buffer

CVSS Vector

v4.0

Attack Vector: Network
Attack Complexity: High
Attack Requirements: Present
Privileges Required: None
User Interaction: None
Confidentiality (Vulnerable): High
Integrity (Vulnerable): High
Availability (Vulnerable): High
Confidentiality (Subsequent): None
Integrity (Subsequent): None
Availability (Subsequent): None

View on MITRE Find PoC on GitHub

Description

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102.

References

psirt@wdc.com

https://www.westerndigital.com/support/product-security/wdc-24005-western-digital-my-cloud-os-5-firmware-5-29-102