‘WD My Cloud NAS systems are vulnerable due to pre-programmed login’
A security researcher has released details of unpatched vulnerabilities in Western Digital’s My Cloud NAS systems. One of the vulnerabilities concerns a hardcoded login, which the researcher describes as a backdoor.
The analysis of the vulnerable software comes from James Bercegay of security company GulfTech. The vulnerabilities are present in My Cloud firmware up to version 2.30.165 and My Cloud Mirror firmware up to version 2.30.165. Firmware with 04.x version numbers is said not to be vulnerable. The researcher discovered a backdoor that accepts the username ‘mydlinkBRionyg’ together with a default password. This could be used remotely to gain root access.
In addition, Bercegay discovered that it is possible to upload files to vulnerable devices and to open a root shell that way. He mentions that he has written Metasploit modules based on his findings. Besides the two vulnerabilities described, he also discovered others, such as CSRF and command injection. A security analyst said on Twitter that a quick Shodan search had identified more than 8,000 vulnerable, Internet-accessible devices.
Bercegay writes that he informed WD of his findings in June. After three days, he received confirmation that his report had been received, but then heard nothing more. That is why he decided to publish the vulnerabilities now. Vulnerable devices include the My Cloud Gen2, PR2100, PR4100, EX2 Ultra, EX2, EX4, EX2100, EX4100, DL2100, and DL4100. It is not the first time that vulnerabilities have been found in the My Cloud software: at the beginning of last year, an Exploiteers researcher discovered more than 80 of them.