Vulnerability in N/a
CVE-2018-16288
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
EPSS: 0.627 (98.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- 45440 (exploit, x_refsource_EXPLOIT-DB)
- mamaquieroserpentester.blogspot.com/2018/09/multiple-vulnerabilities-in-lg.html (x_refsource_MISC)
Frequently asked questions
- What is CVE-2018-16288?
- CVE-2018-16288 is a vulnerability in N/a. Published 2018-09-14.
- Is CVE-2018-16288 known to be exploited?
- 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.