5 matches found
VulnCheck KEV: CVE-2024-2862
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant...
CVE-2024-2862
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant...
CVE-2024-2862
creationtimestamp| type| source ---|---|--- 2025-12-23 21:03:00+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3maonj3t4aq2f 2026-02-03 21:02:53+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mdyb3onq4v2c...
CVE-2024-2862
LG LED Assistant exposes an unauthenticated password-reset vulnerability (CVE-2024-2862). The Nuclei template details an endpoint: /api/changePw that accepts requests from localhost and can be triggered by spoofing X-Forwarded-For: 127.0.0.1 to obtain a success response, enabling password resets ...
CVE-2024-2862 Password reset vulnerability without authorization on LG LED Assistant
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant...