Slashdot Mirror


'I'm Admin. You're Admin. Everyone is Admin.' Remote Access Bug Turns Western Digital My Cloud Into Everyone's Cloud (theregister.co.uk)

Researchers at infosec shop Securify revealed this week a vulnerability, designated CVE-2018-17153, which allows an unauthenticated attacker with network access to the device to bypass password checks and log in with admin privileges. From a report: This would, in turn, give the attacker full control over the NAS device, including the ability to view and copy all stored data as well as overwrite and erase contents. If the box is accessible from the public internet, it could be remotely pwned, it appears. Alternatively, malware on a PC on the local network could search for and find a vulnerable My Cloud machine, and compromise it. According to Securify, the flaw itself lies in the way My Cloud creates admin sessions that are attached to an IP address. When an attacker sends a command to the device's web interface, as an HTTP CGI request, they can also include the cookie username=admin -- which unlocks admin access. Thus if properly constructed, the request would establish an admin login session to the device without ever asking for a password. In other words, just tell it you're the admin user in the cookie, and you're in. The researcher told TechCrunch that he reported the vulnerability to Western Digital last year, but the company "stopped responding."
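A simplified model of the flaw described above beside a hardened check, as an added example (not Western Digital's or Securify's code). The class names, the `session` cookie, and the sample IP address and password are assumptions made for illustration.

```python
import hmac
import secrets


class TrustingAuth:
    """Flawed pattern: identity is taken from a client-supplied cookie."""

    def __init__(self):
        self.admin_ips = set()  # admin sessions are keyed only by client IP

    def is_admin(self, ip, cookies):
        # Bug: the cookie is client-controlled, yet it creates an admin session.
        if cookies.get("username") == "admin":
            self.admin_ips.add(ip)
        return ip in self.admin_ips


class TokenAuth:
    """Hardened pattern: only a server-issued random token proves a login."""

    def __init__(self, admin_password):
        self._password = admin_password
        self._sessions = {}  # token -> username, created only after a password check

    def login(self, username, password):
        if username != "admin" or not hmac.compare_digest(password, self._password):
            return None
        token = secrets.token_urlsafe(32)  # unguessable session identifier
        self._sessions[token] = username
        return token

    def is_admin(self, ip, cookies):
        # The username cookie is ignored; the token must exist server-side.
        return self._sessions.get(cookies.get("session", "")) == "admin"


def demo():
    forged = {"username": "admin"}  # constructed request: no password was ever sent
    weak = TrustingAuth()
    strong = TokenAuth("correct horse")  # constructed sample password
    token = strong.login("admin", "correct horse")
    return (
        weak.is_admin("203.0.113.7", forged),               # flawed check accepts it
        strong.is_admin("203.0.113.7", forged),             # hardened check rejects it
        strong.is_admin("203.0.113.7", {"session": token}), # real login still works
    )


if __name__ == "__main__":
    print(demo())
```
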

3 of 74 comments

  1. README.TXT by devslash0 · Score: 5, Insightful

    Hey. Your friendly neighbour hacker here. I've noticed that you have terrible taste when it comes to porn so I've uploaded a few gig of some good stuff to your drive. You're welcome.

  2. Jebus HB Crickey! I find the magnitude ... by Qbertino · Score: 4, Insightful

    ... large scale n00bie-style f*ckups by professional companies in the data-security field absolutely bedazzling. Isn't something of this type gross neglect or something and can't they be sued into next wednesday for it?

    This is un-fucking-believable.

    --
    We suffer more in our imagination than in reality. - Seneca

  3. So, by BitztreamNotARealNam · Score: 1, Insightful

    How's life in the hypocrite lane?