CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2019-8372
https://notcve.org/view.php?id=CVE-2019-8372
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link and an open DACL. El controlador "LHA.sys", en versiones anteriores a la 1.1.1811.2101 en LG Device Manager, expone una funcionalidad que permite a usuarios con privilegios bajos leer y escribir memoria física arbitraria mediante peticiones IOCTL especialmente manipuladas y elevar los privilegios del sistema. Esto ocurre debido a que el objeto "device" tiene asociado un enlace simbólico y un DACL abierto. • http://www.jackson-t.ca/lg-driver-lpe.html https://lgsecurity.lge.com/security_updates.html https://twitter.com/Jackson_T/status/1097353402034475009 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 87%CPEs: 1EXPL: 3CVE-2018-17173 – LG Supersign EZ CMS - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-17173
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. LG SuperSign CMS permite que los atacantes remotos ejecuten código arbitrario mediante el parámetro sourceUri en qsr_server/device/getThumbnail. LG SuperSign EZ CMS, that many LG SuperSign TVs have built-in, is prone to a remote code execution vulnerability due to an improper parameter handling. • https://www.exploit-db.com/exploits/46795 https://www.exploit-db.com/exploits/45448 http://mamaquieroserpentester.blogspot.com/2018/09/lg-supersign-rce-to-luna-and-back-to.html http://packetstormsecurity.com/files/152733/LG-Supersign-EZ-CMS-Remote-Code-Execution.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16287
https://notcve.org/view.php?id=CVE-2018-16287
LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. LG SuperSign CMS permite la subida de archivos mediante los URI signEzUI playlist edit upload ..%2f. • http://mamaquieroserpentester.blogspot.com/2018/09/multiple-vulnerabilities-in-lg.html • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-16286
https://notcve.org/view.php?id=CVE-2018-16286
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits. LG SuperSign CMS permite la omisión de la autenticación debido a que se salta el requisito de CAPTCHA si se envía una cookie captcha:pass, y también debido a que el PIN se limita a 4 dígitos. • http://mamaquieroserpentester.blogspot.com/2018/09/multiple-vulnerabilities-in-lg.html • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-16706
https://notcve.org/view.php?id=CVE-2018-16706
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080. LG SuperSign CMS permite que los televisores se reinicien de forma remota sin autenticación mediante una petición HTTP directa a qsr_server device reboot en el puerto 9080. • https://github.com/Nurdilin/CVE-2018-16706 http://mamaquieroserpentester.blogspot.com/2018/09/multiple-vulnerabilities-in-lg.html • CWE-425: Direct Request ('Forced Browsing') •