This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED...
5.3CVSS
7.5AI Score
0.0004EPSS
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED...
9.1CVSS
7.6AI Score
0.0004EPSS
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper...
7.5CVSS
7.3AI Score
0.002EPSS
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of proper....
7.5CVSS
7.3AI Score
0.002EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of proper....
9.8CVSS
9.6AI Score
0.019EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation.....
9.8CVSS
9.6AI Score
0.019EPSS