A security researcher has published details of a vulnerability in a popular cloud storage drive after the company failed to issue security patches for over a year.
Remco Vermeulen found a privilege escalation bug in Western Digital’s My Cloud devices, which he said allows an attacker to bypass the admin password on the drive, gaining “complete control” over the user’s data.
The exploit works because drive’s web-based dashboard doesn’t properly check a user’s credentials before giving a possible attacker access to tools that should require higher levels of access.
The bug was “easy” to exploit, Vermeulen told TechCrunch in an email, and that it was remotely exploitable if a My Cloud device allows remote access over the internet — which thousands of devices are. He posted a proof-of-concept video on Twitter.
Details of the bug were also independently found by another security team, which released its own exploit code.
Vermeulen reported the bug over a year ago in April 2017, but said the company stopped responding. Normally, security researchers give 90 days for a company to respond, in line with industry-accepted responsible disclosure guidelines.
After he found that WD updated the My Cloud firmware in the meanwhile without fixing the …read more
Source:: TechCrunch Gadgets