VYPR

lg

by Cougar

CVEs (3)

  • CVE-2014-3928CriApr 3, 2017
    risk 0.64cvss 9.8epss 0.02

    Cougar-LG stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials.

  • CVE-2014-3929HigApr 3, 2017
    risk 0.49cvss 7.5epss 0.02

    The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys.

  • CVE-2014-3926MedMar 13, 2017
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the "addr" parameter.