Back to search
CVE-2025-30247
Published: Sep 29, 2025
Modified: Sep 30, 2025
PUBLISHED
Description
An OS command injection vulnerability in user interface in Western Digital My Cloud firmware prior to 5.31.108 on NAS platforms allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST.
| Vendor | Product | Versions |
|---|---|---|
Western Digital | My Cloud | affected 0 - < 5.31.108 |
Weaknesses (CWE)
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now