exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2023-40504

почти 2 года назад

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. . Was ZDI-CAN-19953.

CVSS3: 9.8

EPSS: Критический

GHSA-qw6m-c2fr-wrgr

почти 2 года назад

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19953.

CVSS3: 9.8

EPSS: Критический

BDU:2023-05161

почти 3 года назад

Уязвимость метода readVideoInfo программного средства для создания/распространения контента LG Simple Editor, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код

CVSS3: 9.8

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-40504 LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. . Was ZDI-CAN-19953.	CVSS3: 9.8	92% Критический	почти 2 года назад
GHSA-qw6m-c2fr-wrgr LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19953.	CVSS3: 9.8	92% Критический	почти 2 года назад
BDU:2023-05161 Уязвимость метода readVideoInfo программного средства для создания/распространения контента LG Simple Editor, позволяющая нарушителю повысить свои привилегии и выполнить произвольный код	CVSS3: 9.8	92% Критический	почти 3 года назад

Уязвимостей на страницу