cvedb.io
CVE-2022-36330
LOW · CVSS 1.9
EPSS exploitation probability: 0%
Published 2023-05-10T00:15:09.467 · Last modified 2026-06-17T04:53:16.287

Summary

A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their privileges in order to exploit this buffer overflow vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191. 

Affected products

westerndigital — my_cloud_home_duo_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when westerndigital ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.