'My Cloud' devices have a Dangerous Backdoor!!!!!! Stop using these NAS drives
Recently, Security researchers have found a very hard-coded backdoor in western Digital's My Cloud NAS devices which allow attackers to gain unauthorized root access to the devices. Western Digital's My Cloud is a very popular storage device which is used by many companies to save their files and it create automatically backup and sync them with various cloud
This device has very useful because it provide share files option from which the user can share any files from anywhere and at any time even when they are not in home network. Since these devices have been formed for connected over internet, the hard-coded backdoor leaves user data openly for hackers to access them easily.
GulfTech research and development team has recently published an detail information about these vulnerabilities present in the Western Digital My Cloud storage which allow hackers to inject their payloads easily to upload and download the sensitive data of the company.
James Bercegay of GulfTech tells vendor and report the issue in June last year. After confirmation of vendor about these vulnerabilities they require time period of 90 days before disclosure of these vulnerabilities. On 3rd January they publically announce about these vulnerability almost after 180 days.