Known Vulnerabilities for products from Western Digital
Listed below are 8 of the newest known vulnerabilities associated with the vendor "Western Digital".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-11178 json | Not Provided | 2025-09-30 | 2026-04-10 | |
| CVE-2025-7779 json | Not Provided | 2025-09-30 | 2026-04-10 | |
| CVE-2020-8990 json | Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation. | 9.1 - CRITICAL | 2020-02-20 | 2020-02-24 |
| CVE-2019-18931 json | Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control... | 8.8 - HIGH | 2019-11-13 | 2019-11-15 |
| CVE-2019-18930 json | Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest account) to remotely execute arbitrary... | 8.8 - HIGH | 2019-11-13 | 2019-11-15 |
| CVE-2019-18929 json | Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users (including guest accounts) to remotely execute arbitrar... | 8.8 - HIGH | 2019-11-13 | 2019-11-15 |
| CVE-2019-9951 json | Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Clo... | 9.8 - CRITICAL | 2019-04-24 | 2019-05-28 |
| CVE-2018-17153 json | It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerabil... | 9.8 - CRITICAL | 2018-09-18 | 2023-07-28 |
| CVE-2016-10108 json | Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php... | Not Provided | 2017-01-03 | 2026-05-06 |
| CVE-2016-10107 json | Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modi... | Not Provided | 2017-01-03 | 2026-05-06 |
Known software with vulnerabilities from Western Digital
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Western Digital | Ibi | - |
| Operating System | Western Digital | My Cloud Ex2 Ultra Firmware | 2.31.183 |
| Application | Western Digital | My Cloud Home | - |