Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:54 a.m.11 views

CVE-2023-4616

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...

7.5CVSS6.1AI score0.01251EPSS
Exploits0References1
CVE
CVE
added 2023/09/04 10:42 a.m.2517 views

CVE-2023-4616

CVE-2023-4616 concerns a path traversal in LG LED Assistant’s /api/thumbnail endpoint. The vulnerability stems from insufficient validation of a user-supplied path before performing file operations, enabling an unauthenticated attacker to read sensitive information in the context of the current u...

7.5CVSS7.3AI score0.01251EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/09/04 10:42 a.m.27 views

CVE-2023-4616 thumbnail Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...

7.5CVSS7.5AI score0.01251EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/09/04 10:42 a.m.13 views

CVE-2023-4616 thumbnail Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...

7.5CVSS6.3AI score0.01251EPSS
Exploits0References2
Rows per page
Query Builder