LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.
References
Link | Resource |
---|---|
http://mamaquieroserpentester.blogspot.com/2018/09/lg-supersign-rce-to-luna-and-back-to.html | Exploit Technical Description Third Party Advisory |
http://packetstormsecurity.com/files/152733/LG-Supersign-EZ-CMS-Remote-Code-Execution.html | |
https://www.exploit-db.com/exploits/45448/ | Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/46795/ |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-09-21T17:00:00
Updated: 2019-05-06T20:06:04
Reserved: 2018-09-18T00:00:00
Link: CVE-2018-17173
JSON object: View
NVD Information
Status : Modified
Published: 2018-09-21T17:29:07.360
Modified: 2019-05-06T21:29:00.853
Link: CVE-2018-17173
JSON object: View
Redhat Information
No data.
CWE