A critical vulnerability in Western Digital’s My Cloud devices has been identified. An unchecked buffer in the Dynamic DNS client allows attackers to execute arbitrary code.
This vulnerability, designated as CVE-2024-22170, carries a CVSS score of 9.2, indicating a high-severity threat.
https://cybersecuritynews.com/western-d ... loud-flaw/