Western Digital NAS systems are vulnerable to exploitation by hackers due to a bug. They can take over systems. A patch is available.
Western Digital My Cloud NAS devices are susceptible to a critical vulnerability. CVE-2025-30247 allows attackers to inject code and remotely take over a system. This can be done by sending specially crafted HTTP POST requests to vulnerable systems. A successful attack enables a hacker to modify a system, steal data, or deploy ransomware.
Urgent Patch
Western Digital has released a patch with firmware version 5.31.108. Users should install it immediately. All previous firmware versions contain the bug. The following devices are vulnerable until the update is implemented:
- My Cloud PR2100
- My Cloud PR4100
- My Cloud EX4100
- My Cloud EX2 Ultra
- My Cloud Mirror Gen 2
- My Cloud DL2100
- My Cloud EX2100
- My Cloud DL4100
- My Cloud WDBCTLxxxxxx-10
Although Western Digital explicitly mentions the My Cloud DL4100 and DL2100, they are no longer officially supported. It is unclear if an exception will be made for this bug. For devices that are no longer supported, it is always important to shield them from the internet.
Western Digital has been rolling out the update itself since September 23 to customers who have enabled automatic updates. It is a good idea to check which firmware version a device is actually running. Firmware can also be updated manually via Western Digital’s website. A reboot is necessary in any case.