CVE-2024-2862
CRITICAL EXPLOITED NUCLEILG LED Assistant - Unauthenticated Password Reset
Title source: nucleiDescription
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.
Nuclei Templates (1)
LG LED Assistant - Unauthenticated Password Reset
HIGHVERIFIEDby beginee
Shodan:
http.title:"LG LED Assistant"
FOFA:
icon_hash="195291629"
Scores
CVSS v3
9.1
EPSS
0.7452
EPSS Percentile
98.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Details
VulnCheck KEV
2026-02-01
CWE
CWE-287
CWE-640
Status
published
Products (1)
lg/lg_led_assistant
2.1.65
Published
Mar 25, 2024
Tracked Since
Feb 18, 2026