Western Digital WD Discovery application before 3.8.229 Cross-Site Request Forgery (CSRF) Vulnerability
The WD Discovery application for My Cloud Home on Mac and Windows was vulnerable to CSRF attacks on an internal interface. This vulnerability could allow an attacker to initiate a synchronization operation between local folders and a chosen remote server.
The information has been provided by Vendor
The original article can be found at:https://support.wdc.com/downloads.aspx?g=907&lang=en
The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.
Western Digital WD Discovery application before 3.8.229