Andrea Danti - Fotolia

Q
Manage Learn to apply best practices and optimize your operations.

How can an authentication bypass vulnerability be exploited?

A vulnerability was found in Western Digital's My Cloud NAS device that can be easily exploited by hackers. Discover what this vulnerability is and how users can be protected.

Hackers recently exploited an authentication bypass vulnerability found in Western Digital's My Cloud network-attached storage devices. How easy was this for hackers and what has Western Digital done to protect its users?

A vulnerability putting Western Digital's My Cloud network-attached storage (NAS) device at risk can be easily exploited by hackers using an authentication bypass vulnerability.

This vulnerability occurs after a My Cloud NAS device version 2.30.196 or earlier is plugged into the Ethernet port of a Wi-Fi router that is connected to a home or private network. Businesses and individuals who share files, stream audio and video, and back up computers or mobile devices from the vulnerable central device are the most likely to be victimized by attackers exploiting this vulnerability.

Security researchers at Securify found that the vulnerability enables unauthenticated hackers to escalate their privileges to administrative level in order to gain network access to the central device. This is due to the way Western Digital's My Cloud creates an admin session tied to the IP address of the business or individual user making the request.

An unauthenticated attacker could further create a valid admin session without sending a username=admin cookie in the HTTP request to the central device's web interface. A CGI module containing the cgi_get_ipv6 command with the flag parameter set to 1 can be used to start a session that is tied to the IP address of the attacker.

After gaining access to a router, the attacker can download malicious firmware and change the router's domain name system to redirect to phishing websites. A successful attacker can view, copy, delete, change and overwrite files stored on the connected computers and mobile devices.

Users have been advised to download the firmware update from Western Digital's website; however, Western Digital hasn't warned users about vulnerable mobile devices that use Bluetooth connections to play music from the My Cloud NAS device. An enterprise or individual that uses My Cloud NAS systems in a heterogeneous network should also be aware of the Bleedingbit Bluetooth vulnerabilities in devices from Cisco, Cisco Meraki and Aruba Networks.

Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)

This was last published in January 2019

Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How has the vulnerability in Western Digital's My Cloud NAS device affected your enterprise?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close