CVE-2024-2863 MEDIUM

CVE-2024-2863: Path traversal via file upload on LG LED Assistant

Vendor Lg Electronics
Product LG LED Assistant
Weakness CWE-35
Published March 25, 2024
Last update August 1, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant.

Key dates

02Disclosure timeline

March 25, 2024 CVE published
August 1, 2024 Record updated