Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2018-16946

🗓️ 12 Sep 2018 01:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 69 Views🌐 WEB

LG smart network camera devices have broken access control, allowing attackers to download sensitive files without authentication

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		LG Smart IP Camera 1508190 - Backup File Download Exploit
16 Sep 201800:00
zdt
Check Point Advisories		LG Smart IP Camera Authentication Bypass (CVE-2018-16946)
2 Oct 201800:00
checkpoint_advisories
Cvelist		CVE-2018-16946
12 Sep 201801:00
cvelist
Exploit DB		LG Smart IP Camera 1508190 - Backup File Download
12 Sep 201800:00
exploitdb
exploitpack		LG Smart IP Camera 1508190 - Backup File Download
12 Sep 201800:00
exploitpack
NVD		CVE-2018-16946
12 Sep 201801:29
nvd
Packet Storm		LG Smart IP Camera 1508190 File Disclosure
12 Sep 201800:00
packetstorm
Prion		Improper access control
12 Sep 201801:29
prion
NVD
Node
lglnb5110_firmwareRange13102501508190
AND
lglnb5110Match-
Node
lglnb5320_firmwareRange13102501508190
AND
lglnb5320Match-
Node
lglnb5320r_firmwareRange13102501508190
AND
lglnb5320rMatch-
Node
lglnb7210_firmwareRange13102501508190
AND
lglnb7210Match-
Node
lglnd3230r_firmwareRange13102501508190
AND
lglnd3230rMatch-
Node
lglnd5110_firmwareRange13102501508190
AND
lglnd5110Match-
Node
lglnd5110r_firmwareRange13102501508190
AND
lglnd5110rMatch-
Node
lglnd5220r_firmwareRange13102501508190
AND
lglnd5220rMatch-
Node
lglnd7210_firmwareRange13102501508190
AND
lglnd7210Match-
Node
lglnd7210r_firmwareRange13102501508190
AND
lglnd7210rMatch-
Node
lglnu3230r_firmwareRange13102501508190
AND
lglnu3230rMatch-
Node
lglnu5110r_firmwareRange13102501508190
AND
lglnu5110rMatch-
Node
lglnu5320r_firmwareRange13102501508190
AND
lglnu5320rMatch-
Node
lglnu7210r_firmwareRange13102501508190
AND
lglnu7210rMatch-
Node
lglnv5110r_firmwareRange13102501508190
AND
lglnv5110rMatch-
Node
lglnv5320r_firmwareRange13102501508190
AND
lglnv5320rMatch-
Node
lglnv7210_firmwareRange13102501508190
AND
lglnv7210Match-
Node
lglnv7210r_firmwareRange13102501508190
AND
lglnv7210rMatch-
ParameterPositionPathDescriptionCWE
filequery param/download.phpUnauthenticated access to backup/configuration download via file parameter.CWE-552
GetDeviceInformationquery param/httpapi?GetDeviceInformationTest for default admin credentials via HTTP API without authentication.CWE-552

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 03:53Current
7.4High risk
Vulners AI Score7.4
CVSS 25
CVSS 37.5
EPSS0.11007
CWE-552
cve-2018-16946lgsmart network cameraaccess controlauthenticationsensitive filesnvd
69