Test ID:	1.3.6.1.4.1.25623.1.0.117530
Category:	General
Title:	Western Digital My Book Live End of Life (EOL) Detection
Summary:	The remote Western Digital My Book Live device has reached the; End of Life (EOL) / End of Updates (EOU) and should not be used anymore.
Description:	Summary: The remote Western Digital My Book Live device has reached the End of Life (EOL) / End of Updates (EOU) and should not be used anymore. Vulnerability Insight: At least the following unfixed vulnerabilities exist affecting My Book Live and My Book Live Duo (all versions): - CVE-2018-18472: root remote command execution vulnerability affecting My Book Live (2.x and later) and My Book Live Duo (all versions): - CVE-2021-35941: unauthenticated factory reset vulnerability - No CVE: remotely exploitable command injection vulnerability when the device has remote access enabled Vulnerability Impact: An EOL / EOU My Book Live device is not receiving any security updates from the vendor. Unfixed security vulnerabilities might be leveraged by an attacker to compromise the security of this host. Solution: Replace the device by a still supported one. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-18472 https://community.wd.com/t/action-required-on-my-book-live-and-my-book-live-duo/268147 https://www.wizcase.com/blog/hack-2018/ Common Vulnerability Exposure (CVE) ID: CVE-2021-35941 https://arstechnica.com/gadgets/2021/06/hackers-exploited-0-day-not-2018-bug-to-mass-wipe-my-book-live-devices/ https://www.westerndigital.com/support/productsecurity/wdc-21008-recommended-security-measures-wd-mybooklive-wd-mybookliveduo
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.