CVE-2022-22989

Summary

My Cloud OS 5 was vulnerable to a pre-authenticated stack overflow vulnerability on the FTP service that could be exploited by unauthenticated attackers on the network. Addressed the vulnerability by adding defenses against stack overflow issues.

Affected Software

VendorProductVersion RangeStatus
Western DigitalMy CloudMy Cloud OS 5 < 5.19.117affected

Weaknesses

  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References