VYPR

LED Assistant

by LG

CVEs (6)

  • CVE-2024-2862Mar 25, 2024
    risk 0.06cvss epss 0.51

    This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.

  • CVE-2024-2863Mar 25, 2024
    risk 0.04cvss epss 0.67

    This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant.

  • CVE-2023-4616Sep 4, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack…

  • CVE-2023-4615Sep 4, 2023
    risk 0.00cvss epss 0.01

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from…

  • CVE-2023-4614Sep 4, 2023
    risk 0.00cvss epss 0.02

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from…

  • CVE-2023-4613Sep 4, 2023
    risk 0.00cvss epss 0.02

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of…