CVE-2024-2863
MEDIUM EXPLOITED NUCLEILG LED Assistant - Thumbnail Path Traversal File Upload
Title source: nucleiDescription
This vulnerability allows remote attackers to traverse paths via file upload on the affected LG LED Assistant.
Nuclei Templates (1)
LG LED Assistant - Thumbnail Path Traversal File Upload
HIGHVERIFIEDby beginee
Shodan:
http.title:"LG LED Assistant" OR http.title:"LED Assistant"
Scores
CVSS v3
5.3
EPSS
0.5677
EPSS Percentile
98.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
VulnCheck KEV
2026-01-14
CWE
CWE-22
CWE-35
Status
published
Products (1)
lg/lg_led_assistant
2.1.65
Published
Mar 25, 2024
Tracked Since
Feb 18, 2026