Westerndigital My Cloud vulnerabilities

CVE-2023-22813 [MEDIUM] CWE-200 CVE-2023-22813: A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Anroid Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a permissive CORS policy and missing authentication requirement for private

CVE-2018-7928 [MEDIUM] CVE-2018-7928: There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the M There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. When re-configuring the mobile phone using the FRP function, an attacker can replace the old account with a new one through special steps by exploit this vulnerability. As a re