CVE-2018-16946 - Files or Directories Accessible to External Parties vulnerability in LG products

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE
Tags: network, low complexity, lg, CWE-552, exploit available

Summary

LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. Attackers are able to download /updownload/t.report (aka Log & Report) files and download backup files (via download.php) without authenticating. These backup files contain user credentials and configuration information for the camera device. An attacker is able to discover the backup filename via reading the system logs or report data, or just by brute-forcing the backup filename pattern. It may be possible to authenticate to the admin account with the admin password.

Exploit-Db

description: LG Smart IP Camera 1508190 - Backup File Download. CVE-2018-16946. Webapps exploit for Hardware platform
file: exploits/hardware/webapps/45394.py
id: EDB-ID:45394
last seen: 2018-10-07
modified: 2018-09-12
platform: hardware
port:
published: 2018-09-12
reporter: Exploit-DB
source: https://www.exploit-db.com/download/45394/
title: LG Smart IP Camera 1508190 - Backup File Download
type: webapps

Packetstorm

data source: https://packetstormsecurity.com/files/download/149317/lgsmartipcamera-disclose.txt
id: PACKETSTORM:149317
last seen: 2018-09-13
published: 2018-09-12
reporter: Ege Balci
source: https://packetstormsecurity.com/files/149317/LG-Smart-IP-Camera-1508190-File-Disclosure.html
title: LG Smart IP Camera 1508190 File Disclosure