CVE-2024-22170 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Digital MY Cloud

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources

Severity

9.2CRITICALNVD

EPSS

0.3%

top 51.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Western Digital MY Cloud

Timeline

PublishedSep 27

Description

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow Buffers.This issue affects My Cloud: before 5.29.102.

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages1 packages

▶CVEListV5western_digital/my_cloud< 5.29.102

🔴Vulnerability Details

GHSA

GHSA-h4fw-fxpw-rrgp: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Western Digital My Cloud ddns-start on Linux allows Overflow↗2024-09-27

▶