"-Synchronized-Data."

2018/18xxx/CVE-2018-18472.json

@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Western Digital WD My Book Live (all versions) has a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device."
+                "value": "Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the wild in June 2021 for factory reset commands,"
             }
         ]
     },
@@ -52,15 +52,20 @@
     },
     "references": {
         "reference_data": [
-            {
-                "url": "https://www.wdc.com",
-                "refsource": "MISC",
-                "name": "https://www.wdc.com"
-            },
             {
                 "refsource": "MISC",
                 "name": "https://www.wizcase.com/blog/hack-2018/",
                 "url": "https://www.wizcase.com/blog/hack-2018/"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://www.westerndigital.com/support/productsecurity/wdc-21008-recommended-security-measures-wd-mybooklive-wd-mybookliveduo",
+                "url": "https://www.westerndigital.com/support/productsecurity/wdc-21008-recommended-security-measures-wd-mybooklive-wd-mybookliveduo"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147",
+                "url": "https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147"
             }
         ]
     }