Vulnerabilities > LG > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-04 | CVE-2023-4614 | Path Traversal vulnerability in LG LED Assistant 2.1.45 This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. | 9.8 |
| 2023-09-04 | CVE-2023-4613 | Path Traversal vulnerability in LG LED Assistant 2.1.45 This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. | 9.8 |
| 2022-03-11 | CVE-2022-23730 | Unspecified vulnerability in LG Webos The public API error causes for the attacker to be able to bypass API access control. | 9.8 |
| 2021-08-24 | CVE-2021-38306 | OS Command Injection vulnerability in LG N1T1 Firmware Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter. | 9.8 |
| 2019-05-14 | CVE-2018-14839 | OS Command Injection vulnerability in LG N1A1 Firmware 3718.510 LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. | 9.8 |
| 2018-09-21 | CVE-2018-17173 | Code Injection vulnerability in LG Supersign CMS 2.5 LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. | 9.8 |
| 2018-09-14 | CVE-2018-16287 | Unrestricted Upload of File with Dangerous Type vulnerability in LG Supersign CMS LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. | 9.8 |
| 2018-09-14 | CVE-2018-16286 | Improper Authentication vulnerability in LG Supersign CMS LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits. | 9.8 |