| Max CVSS | 7.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-16706 | 7.8 |
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080.
|
24-08-2020 - 17:37 | 14-09-2018 - 21:29 | |
| CVE-2018-16286 | 5.0 |
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits.
|
07-11-2018 - 17:24 | 14-09-2018 - 21:29 | |
| CVE-2018-16287 | 7.5 |
LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs.
|
07-11-2018 - 16:59 | 14-09-2018 - 21:29 | |
| CVE-2018-16288 | 7.8 |
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
|
07-11-2018 - 15:43 | 14-09-2018 - 21:29 |