CVE-2023-6319

CRITICAL

webOS <5.30.40, <6.3.3-442 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-6319. PoCs published by illixion.

AI-analyzed exploit summary This exploit leverages a command injection vulnerability in LG webOS TV's download manager service to start a telnet server as root. It uses a malicious filename with command substitution to execute `telnetd -lsh` on the target device.

Description

A command injection vulnerability exists in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service on webOS version 4 through 7. A series of specially crafted requests can lead to command execution as the root user. An attacker can make authenticated requests to trigger this vulnerability. * webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA * webOS 5.5.0 - 04.50.51 running on OLED55CXPUA * webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB * webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA

Exploits (1)

nomisec WORKING POC 50 stars

by illixion · poc

https://github.com/illixion/root-my-webos-tv

View Code ZIP pw:eip

This exploit leverages a command injection vulnerability in LG webOS TV's download manager service to start a telnet server as root. It uses a malicious filename with command substitution to execute `telnetd -lsh` on the target device.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: LG webOS TV (versions 4.9.7 - 7.3.1-43)

No auth needed

Prerequisites: Network access to the target TV · TV must be on the same LAN · TV must be vulnerable (unpatched)

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/

Vendor Advisory vendor-advisory

https://lgsecurity.lge.com/bulletins/tv#updateDetails

Scores

CVSS v3 9.1

EPSS 0.0644

EPSS Percentile 92.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-78

Status published

Products (4)

lg/webos 4.9.7

lg/webos 5.5.0

lg/webos 6.3.3-442

lg/webos 7.3.1-43

Published Apr 09, 2024

Tracked Since Feb 18, 2026