Anon Archived WD My Cloud NAS devices have hard-wired backdoor (theregister.co.uk)
submitted ago by 2328406?
Posted by: 2328406?
Posting time: 2.9 years ago on
Last edit time: never edited.
Archived on: 4/9/2018 10:00:00 AM
Views: 120
SCP: 10
10 upvotes, 0 downvotes (100% upvoted it)
Anon Archived WD My Cloud NAS devices have hard-wired backdoor (theregister.co.uk)
submitted ago by 2328406?
Sort: Top
[–] MakeMyDayPunk 1 point 0 points 1 point (+1|-1) ago
Yet another confirmation that justifies my lack of trust in home-based servers with Internet access to your home network. If it's that important you need access to stuff from home just use an online cloud service instead.
[–] B3bomber 0 points 1 point 1 point (+1|-0) ago
Cloud == a computer that is not yours. Let that one sink in.
Do not use a fucking remote storage you do not control.
Learn how to hook up normal HDDs/SSDs in your own built "network" storage computer (or just buy more drives for storage). Learn about VPN for accessing you physical stuff remotely.
[–] derram ago
https://archive.fo/WLAv5 :
'MyCloud versions that need patching include MyCloud, MyCloudMirror, My Cloud Gen 2, My Cloud PR2100, My Cloud PR4100, My Cloud EX2 Ultra, My Cloud EX2, My Cloud EX4, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, and My Cloud DL4100. '
'WD mostly markets the My Cloud range as suited for file sharing and backup in domestic settings. '
'The file upload bug Bercegay mentions is in the function. '
'It became “pretty clear to me as the D-Link DNS-320L had the same exact hard coded backdoor and same exact file upload vulnerability that was present within the WDMyCloud. '
'So, it seems that the WDMyCloud software shares a large amount of the D-Link DNS-320L code, backdoor and all.”D-Link, he said, patched the DNS-320L in July 2014 (firmware version 1.0.6). '
This has been an automated message.