51 matches found
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation...
CVE-2023-4613
LG LED Assistant is affected by CVE-2023-4613, a path traversal vulnerability in the /api/settings/upload endpoint. The flaw stems from inadequate validation of a user-supplied path used in file operations, enabling remote attackers to execute arbitrary code in the current user context. Public de...
PT-2023-29862 · Lg · Lg Led Assistant
Name of the Vulnerable Software and Affected Versions: LG LED Assistant affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this issue. The specific flaw...
PT-2023-29877 · Lg · Lg Led Assistant
Name of the Vulnerable Software and Affected Versions: LG LED Assistant affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. Authentication is not required to exploit this issue. The specific flaw exists withi...
PT-2023-29872 · Lg · Lg Led Assistant
Name of the Vulnerable Software and Affected Versions: LG LED Assistant affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the...
LG LED Assistant Path Traversal Vulnerability
LG LED Assistant is a software from Luckin LG Korea. It is used to set up LED lights. A security vulnerability exists in LG LED Assistant, which arises from failure to properly validate a user-supplied path before using it in a file operation, allowing a remote attacker to execute code in the...
LG LED Assistant Path Traversal Vulnerability
LG LED Assistant is a software from Luckin LG Korea. It is used to set up LED lights. A security vulnerability exists in LG LED Assistant that originates from failure to properly validate a user-supplied path before using it in a file operation, allowing remote attackers to disclose information...
LG LED Assistant updateFile Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of prope...
LG LED Assistant thumbnail Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...
LG LED Assistant setThumbnailRc Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of prope...
LG LED Assistant upload Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation...