MY Book Live Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-19	CVE-2018-18472	OS Command Injection vulnerability in Westerndigital MY Book Live Firmware Western Digital WD My Book Live and WD My Book Live Duo (all versions) have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/language_configuration language parameter. network low complexity westerndigital CWE-78 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.