CVE-2020-12427

HIGH

Western Digital WD Discovery <3.8.229 - CSRF

Title source: llm
STIX 2.1

Description

The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space.

References (2)

Core 2

Scores

CVSS v3 8.8
EPSS 0.0045
EPSS Percentile 36.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (1)
westerndigital/wd_discovery < 3.8.229
Published May 13, 2020
Tracked Since Feb 18, 2026