CVE-2024-2862
CRITICAL EXPLOITED NUCLEILG LED Assistant - Unauthenticated Password Reset
Title source: nucleiDescription
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.
Nuclei Templates (1)
LG LED Assistant - Unauthenticated Password Reset
HIGHVERIFIEDby beginee
Shodan:
http.title:"LG LED Assistant"
FOFA:
icon_hash="195291629"
Scores
CVSS v3
9.1
EPSS
0.7896
EPSS Percentile
99.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Exploitation Intel
VulnCheck KEV
2026-02-01
Classification
CWE
CWE-287
CWE-640
Status
published
Affected Products (1)
lg/lg_led_assistant
Timeline
Published
Mar 25, 2024
Tracked Since
Feb 18, 2026