CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2863 – Path traversal via file upload on LG LED Assistant
https://notcve.org/view.php?id=CVE-2024-2863
This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant. Esta vulnerabilidad permite a atacantes remotos atravesar rutas mediante la carga de archivos en el LG LED Assistant afectado. • https://lgsecurity.lge.com/bulletins/idproducts#updateDetails • CWE-35: Path Traversal: '.../ •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2862 – Password reset vulnerability without authorization on LG LED Assistant
https://notcve.org/view.php?id=CVE-2024-2862
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant. Esta vulnerabilidad permite a atacantes remotos restablecer la contraseña de usuarios anónimos sin autorización en el LG LED Assistant afectado. • https://lgsecurity.lge.com/bulletins/idproducts#updateDetails • CWE-287: Improper Authentication •