CVE-2019-16399

Published: Sep 18, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root password welc0me.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/pak0s/22ad6bae26198ebcd137b61adb6fcfe6

x_refsource_MISC

http://packetstormsecurity.com/files/154524/Western-Digital-My-Book-World-II-NAS-1.02.12-Hardcoded-Credential.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-16399

Description

Affected Products

References