The intuitive dashboard guides you through the process of setting up users and shares, customizing system features and monitoring your storage. Multiple backup and RAID options help to ensure your most valuable photos, videos, music and files are secure from unexpected loss. Safeguard your irreplaceable media and files My Cloud Expert Series pre-configured NAS come populated with ultra-reliable WD Red™ NAS hard drives for the ultimate NAS experience. Powered by a Marvell® ARMADA® dual-core processor so you can transfer and stream photos, videos and music in ultra-fast speeds. Transfer your media with blazing-fast speeds Automatically copy files from a USB or camera with the touch of a button.Stream HD content to your media players, Smart TVs and gaming consoles.Access and share your media anywhere with our award-winning My Cloud app.Store and organize all your photos, videos and music in one safe place.Protect your content with multiple backup options, customize your NAS with a full suite of apps and enjoy peace of mind knowing that we’ve put our best in it, so you can put your best on it. Save all your valuable photos, videos, music and files on this ready-to-go, high-performance NAS solution for secure access to them anytime, from anywhere. Western Digital My Cloud EX2100 WDBWAZ0000NBK 2-Bay NAS Server is encryption capable Instructions on how to disable Twonky DLNA Media Server are available in this knowledge base article.Western Digital My Cloud EX2100 WDBWAZ0000NBK 2-Bay Dual Gigabit Ethernet NAS Server - Diskless - Brand New They are also advised to disable Twonky DLNA Media Server for the entire My Cloud or to disable Media Serving for Shares containing sensitive data. To ensure their data remains protected, users should keep sensitive data in a Password protected My Cloud Share. The My Cloud content can be accessed from the local network when Twonky DLNA Media Server is enabled because the server does not support authentication and is broadcast to any DLNA client without any authentication mechanism. WD was informed on the issue in January, but the company said they wouldn’t release a patch. Unfortunately, there is no official fix to address the vulnerability. Next, the attacker can use HTTP requests to fetch the actual files from the device, given that they are already in the possession of the URLs leading to those files (from the response collected at the previous step). This will result in the UPnP server responding with a list of files on the device. The researchers also published a proof-of-concept, explaining that an attacker needs to include XML with Browse action in the HTTP request to port 9000 asking for the TMSContentDirectory/Control resource. The Browse action returns XML with URLs to individual files on the device,” the security firm explains in an advisory. Specifically, anyone can issue HTTP requests to TMSContentDirectory/Control on port 9000 passing various actions. “It is possible to access files on the storage even when Public shares are disabled. Thus, any permissions or restrictions set by the owner or administrator are completely bypassed, Trustwave’s security researchers warn. The new drive, however, exposes data to any unauthenticated local network user, because of a Universal Plug and Play (UPnP) media server that the device automatically starts when powered on.īy default, it allows any users capable of sending HTTP requests to the drive to grab any files from the device. WD’s My Cloud represents a highly popular storage/backup device option, allowing users to easily backup important data (including documents, photos, and media files) and store it on removable media. The default configuration on the new Western Digital My Cloud EX2 storage device allows any users on the network to retrieve files via HTTP requests, Trustwave has discovered.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |