This page lists publicly disclosed CVE vulnerabilities affecting western_digital mycloud_nas (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2016-10108 | Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data. | [email protected] | 9.8 | 95.17% | 2017-01-03 | 2026-06-16 |
| CVE-2016-10107 | Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header. | [email protected] | 9.8 | 11.22% | 2017-01-03 | 2026-06-16 |