module
Western Digital MyCloud multi_uploadify File Upload Vulnerability
| Disclosed | Created |
|---|---|
| Jul 29, 2017 | Jun 14, 2018 |
Disclosed
Jul 29, 2017
Created
Jun 14, 2018
Description
This module exploits a file upload vulnerability found in Western Digital's MyCloud
NAS web administration HTTP service. The /web/jquery/uploader/multi_uploadify.php
PHP script provides multipart upload functionality that is accessible without authentication
and can be used to place a file anywhere on the device's file system. This allows an
attacker the ability to upload a PHP shell onto the device and obtain arbitrary code
execution as root.
NAS web administration HTTP service. The /web/jquery/uploader/multi_uploadify.php
PHP script provides multipart upload functionality that is accessible without authentication
and can be used to place a file anywhere on the device's file system. This allows an
attacker the ability to upload a PHP shell onto the device and obtain arbitrary code
execution as root.
Author
Zenofex [email protected]
Platform
PHP
Architectures
php
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.