2 matches found
LG On Screen Phone authentication bypass (CVE-2014-8757)
LG On Screen Phone authentication bypass vulnerability ------------------------------------------------------ SEARCH-LAB Ltd. discovered a serious security vulnerability in the On Screen Phone protocol used by LG Smart Phones. A malicious attacker is able to bypass the authentication phase of the...
CVE-2014-8757
LG On Screen Phone (OSP) before 4.3.010 is vulnerable to an authentication bypass via crafted requests. The issue is implemented in the OSP component listening on 0.0.0.0:8382, where an attacker on the same local network can bypass the confirmation dialog and gain full control of the phone withou...