Vulnerabilities > LG > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-09 | CVE-2023-6317 | Unspecified vulnerability in LG Webos A prompt bypass exists in the secondscreen.gateway service running on webOS version 4 through 7. | 9.8 |
| 2024-03-25 | CVE-2024-2862 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in LG LED Assistant 2.1.65 This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant. | 9.8 |
| 2024-02-26 | CVE-2024-1885 | Unspecified vulnerability in LG Webos Signage 6.0.056 This vulnerability allows remote attackers to execute arbitrary code on the affected webOS of LG Signage. | 9.8 |
| 2023-09-04 | CVE-2023-4614 | Path Traversal vulnerability in LG LED Assistant 2.1.45 This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. | 9.8 |
| 2023-09-04 | CVE-2023-4613 | Path Traversal vulnerability in LG LED Assistant 2.1.45 This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. | 9.8 |
| 2022-03-11 | CVE-2022-23730 | Unspecified vulnerability in LG Webos The public API error causes for the attacker to be able to bypass API access control. | 9.8 |
| 2021-08-24 | CVE-2021-38306 | OS Command Injection vulnerability in LG N1T1 Firmware Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter. | 9.8 |
| 2019-05-14 | CVE-2018-14839 | OS Command Injection vulnerability in LG N1A1 Firmware 3718.510 LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. | 9.8 |
| 2018-09-21 | CVE-2018-17173 | Code Injection vulnerability in LG Supersign CMS 2.5 LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. | 9.8 |
| 2018-09-14 | CVE-2018-16287 | Unrestricted Upload of File with Dangerous Type vulnerability in LG Supersign CMS LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. | 9.8 |