Hackers exploited 0-day, not 2018 bug, to mass-wipe My Book Live devices

(arstechnica.com)

The undocumented vulnerability resided in a file aptly named systemfactoryrestore. It contains a PHP script that performs resets, allowing users to restore all default configurations and wipe all data stored on the devices.

Normally, and for good reason, factory resets require the person making the request to provide a user password. This authentication ensures that devices exposed to the Internet can only be reset by the legitimate owner and not by a malicious hacker.

This WD My Book situation is getting a lot worse…

There's even code that shows how it's exploited.
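The password requirement for factory resets described above, sketched as an added example (not code from the article or from the My Book Live firmware): a handler that fails closed and reaches the wipe routine only after the owner re-authenticates. The function name, request shape, status codes and the stubbed wipe callback are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical handler: names, request shape and status codes are assumptions,
// not taken from the My Book Live firmware.
function handle_factory_reset(array $request, string $storedHash, callable $wipe): array
{
    // A destructive action must not be reachable through a plain GET.
    if (($request['method'] ?? '') !== 'POST') {
        return [405, 'method not allowed'];
    }

    $password = $request['body']['owner_password'] ?? null;

    // Fail closed: a missing or non-string credential is a rejection, never a bypass.
    if (!is_string($password) || $password === '') {
        return [401, 'authentication required'];
    }

    // password_verify() checks the supplied password against the stored hash.
    if (!password_verify($password, $storedHash)) {
        return [403, 'invalid credentials'];
    }

    $wipe(); // reached only after the owner has re-authenticated
    return [200, 'factory reset started'];
}

// Constructed demo data: a sample owner password and a stub that wipes nothing.
$storedHash = password_hash('correct horse battery staple', PASSWORD_DEFAULT);
$wiped = 0;
$wipe = function () use (&$wiped): void { $wiped++; };

$cases = [
    'no password'    => ['method' => 'POST', 'body' => []],
    'array password' => ['method' => 'POST', 'body' => ['owner_password' => ['x']]],
    'wrong password' => ['method' => 'POST', 'body' => ['owner_password' => 'guess']],
    'GET request'    => ['method' => 'GET',  'body' => ['owner_password' => 'correct horse battery staple']],
    'owner'          => ['method' => 'POST', 'body' => ['owner_password' => 'correct horse battery staple']],
];

foreach ($cases as $label => $req) {
    [$status, $msg] = handle_factory_reset($req, $storedHash, $wipe);
    printf("%-15s -> %d %s (wipe calls so far: %d)\n", $label, $status, $msg, $wiped);
}
```

The wipe callback is the last statement on the only path that passes every check, so removing or skipping the credential check is the kind of change a code review or a regression test on the rejected cases should catch.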