Western Digital My Cloud Update
This blog was originally updated as of 1/9/2018, 11:00am PST and has further updates as on 1/12/2017, 3:30pm PST.
UPDATE 1/12/2018: The issue stated below concerning unauthorized access to multipart upload functionality has been addressed with a hotfix that can be immediately downloaded here: https://support.wdc.com/downloads.aspx?lang=en#firmware
As a reminder, we urge customers to ensure the firmware on their products is always up to date; enabling automatic updates is recommended. We also urge you to implement sound data protection practices such as regular data backups and password protection, including to secure your router when you use a personal cloud or network-attached storage device.
Western Digital works continuously to improve the capability and security of our products, including with the security research community to address issues they may uncover. We encourage responsible disclosure by customers and researchers to ensure our customers are protected while we address valid vulnerabilities.
Models with Dashboard Cloud Access:
- My Cloud EX2
- My Cloud EX4
- My Cloud EX2100
- My Cloud EX4100
- My Cloud EX2 Ultra
- My Cloud DL2100
- My Cloud DL4100
- My Cloud PR2100
- My Cloud PR4100
- My Cloud Mirror
- My Cloud Mirror Gen 2
Dashboard Cloud Access:
The Dashboard Cloud Access feature is available under Settings->General->Cloud Access.
Port Forwarding: Port forwarding of HTTP connections should disabled on the My Cloud device and the router. On My Cloud devices the port-forwarding feature is available under Settings->Network->Port Forwarding and can be used only if the connected router supports uPnP.
*v.2.11.169 for EX2, EX4, and Mirror Gen 1.