Western Digital My Cloud NAS devices vulnerable to unauthenticated RCE (CVE-2025-30247)
Western Digital has fixed a critical remote code execution vulnerability (CVE-2025-30247) in the firmware powering its My Cloud network-attached storage (NAS) devices, and has urged users to upgrade as soon as possible.
About CVE-2025-30247
Western Digital’s My Cloud devices are designed for home and small business users, to store documents and other content and access it via mobile apps or web browser. In small office settings, it’s also often used as a server for backups and a centralized place for project files.
CVE-2025-30247 is an OS command injection vulnerability in the firmware’s user interface, and allows remote attackers to execute arbitrary system commands via a specially crafted HTTP POST request.
The vulnerability’s CVSS string indicates that no prior authentication or user interaction is required for exploitation. A successful attack may result in full system compromise and the attackers having access to all the data stored on it and the ability to encrypt it, delete it, or modify it.
A compromised device could also provide a foothold for attackers who want to compromise other systems in the same network.
Update your firmware
CVE-2025-30247 affects My Cloud firmware prior to v5.31.108, which was released on September 23, for the following supported devices: My Cloud PR2100, My Cloud PR4100, My Cloud EX2 Ultra, My Cloud EX4100, My Cloud Mirror Gen 2, My Cloud EX2100, My Cloud DL2100, My Cloud DL4100, My Cloud WDBCTLxxxxxx-10, and My Cloud.
The vulnerability has been privately reported by a researcher, and there’s no mention of it being exploited in the wild.
“To take advantage of the latest security fixes, Western Digital recommends that users promptly update their devices to the latest firmware by clicking on the firmware update notification,” the company advised.
Devices with the automatic firware update option switched on have already been upgraded if they aren’t disconnected or powered off.
Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!