admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-06-25 10:00:47 +00:00
parent 3f0a5e3644
commit f3d7b8fc63
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
2018/18xxx/CVE-2018-18472.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Western Digital WD My Book Live (all versions) has a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device."
"value": "Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the wild in June 2021 for factory reset commands,"
}
]
},
@ -52,15 +52,20 @@
},
"references": {
"reference_data": [
{
"url": "https://www.wdc.com",
"refsource": "MISC",
"name": "https://www.wdc.com"
},
{
"refsource": "MISC",
"name": "https://www.wizcase.com/blog/hack-2018/",
"url": "https://www.wizcase.com/blog/hack-2018/"
},
{
"refsource": "CONFIRM",
"name": "https://www.westerndigital.com/support/productsecurity/wdc-21008-recommended-security-measures-wd-mybooklive-wd-mybookliveduo",
"url": "https://www.westerndigital.com/support/productsecurity/wdc-21008-recommended-security-measures-wd-mybooklive-wd-mybookliveduo"
},
{
"refsource": "MISC",
"name": "https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147",
"url": "https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147"
}
]
}