Known Vulnerabilities for Supersign Cms by Lg
Listed below are 5 of the newest known vulnerabilities associated with "Supersign Cms" by "Lg".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2018-17173 | LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbn... | 9.8 - CRITICAL | 2018-09-21 | 2019-05-06 |
| CVE-2018-16706 | LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/re... | 7.5 - HIGH | 2018-09-14 | 2020-08-24 |
| CVE-2018-16288 | LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs. | 8.6 - HIGH | 2018-09-14 | 2018-11-07 |
| CVE-2018-16287 | LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. | 9.8 - CRITICAL | 2018-09-14 | 2018-11-07 |
| CVE-2018-16286 | LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, an... | 9.8 - CRITICAL | 2018-09-14 | 2018-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Lg | Supersign Cms | 2.5 | All | All | All |