You are viewing a single comment's thread.

view the rest of the comments →

0
0

[–] derram ago 

https://archive.fo/WLAv5 :

WD My Cloud NAS devices have hard-wired backdoor • The Register

'MyCloud versions that need patching include MyCloud, MyCloudMirror, My Cloud Gen 2, My Cloud PR2100, My Cloud PR4100, My Cloud EX2 Ultra, My Cloud EX2, My Cloud EX4, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, and My Cloud DL4100. '

'WD mostly markets the My Cloud range as suited for file sharing and backup in domestic settings. '

'The file upload bug Bercegay mentions is in the function. '

'It became “pretty clear to me as the D-Link DNS-320L had the same exact hard coded backdoor and same exact file upload vulnerability that was present within the WDMyCloud. '

'So, it seems that the WDMyCloud software shares a large amount of the D-Link DNS-320L code, backdoor and all.”D-Link, he said, patched the DNS-320L in July 2014 (firmware version 1.0.6). '


This has been an automated message.