4 matches found
CVE-2023-4616
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...
CVE-2023-4616
CVE-2023-4616 concerns a path traversal in LG LED Assistant’s /api/thumbnail endpoint. The vulnerability stems from insufficient validation of a user-supplied path before performing file operations, enabling an unauthenticated attacker to read sensitive information in the context of the current u...
CVE-2023-4616 thumbnail Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...
CVE-2023-4616 thumbnail Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...