Sign-up

ID

VAR-201809-0853


CVE

CVE-2018-16946


TITLE

plural LG smart network camera Vulnerabilities related to certificate and password management in product devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-010881

DESCRIPTION

LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. Attackers are able to download /updownload/t.report (aka Log & Report) files and download backup files (via download.php) without authenticating. These backup files contain user credentials and configuration information for the camera device. An attacker is able to discover the backup filename via reading the system logs or report data, or just by brute-forcing the backup filename pattern. It may be possible to authenticate to the admin account with the admin password. LG LNB*, etc. A security vulnerability exists in several LG products. The following products are affected: LG LNB*; LG LND*; LG LNU*; LG LNV*

Trust: 1.8

sources: NVD: CVE-2018-16946 // JVNDB: JVNDB-2018-010881 // VULHUB: VHN-127356 // VULMON: CVE-2018-16946

AFFECTED PRODUCTS

vendor:lgmodel:lnu5320rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnd5110scope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnu5110rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnu3230rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnu7210rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnv5110rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnb5110scope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnd5220rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnu7210rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnd7210scope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnb5320scope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnb7210scope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnb5320rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnd7210rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnu3230rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnd5110rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnu5320rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnv7210rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnb5110scope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnd3230rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnv5320rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnv7210scope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnd5110scope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnd5220rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnu5110rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnv7210rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnb5320scope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnb7210scope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnd7210scope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnb5320rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnd3230rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnd7210rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnv5110rscope:gteversion:1310250

Trust: 1.0

vendor:lgmodel:lnd5110rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnv5320rscope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnv7210scope:lteversion:1508190

Trust: 1.0

vendor:lgmodel:lnb5110scope: - version: -

Trust: 0.8

vendor:lgmodel:lnb5320scope: - version: -

Trust: 0.8

vendor:lgmodel:lnb5320rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnb7210scope: - version: -

Trust: 0.8

vendor:lgmodel:lnd3230rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnd5110scope: - version: -

Trust: 0.8

vendor:lgmodel:lnd5110rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnd5220rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnd7210scope: - version: -

Trust: 0.8

vendor:lgmodel:lnd7210rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnu3230rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnu5110rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnu5320rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnu7210rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnv5110rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnv5320rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnv7210scope: - version: -

Trust: 0.8

vendor:lgmodel:lnv7210rscope: - version: -

Trust: 0.8

vendor:lgmodel:lnd7210scope:eqversion:1310250

Trust: 0.6

vendor:lgmodel:lnd7210scope:eqversion:1508190

Trust: 0.6

sources: JVNDB: JVNDB-2018-010881 // CNNVD: CNNVD-201809-645 // NVD: CVE-2018-16946

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-16946
value: HIGH

Trust: 1.0

NVD: CVE-2018-16946
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201809-645
value: HIGH

Trust: 0.6

VULHUB: VHN-127356
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-16946
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-16946
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-127356
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-16946
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-127356 // VULMON: CVE-2018-16946 // JVNDB: JVNDB-2018-010881 // CNNVD: CNNVD-201809-645 // NVD: CVE-2018-16946

PROBLEMTYPE DATA

problemtype:CWE-552

Trust: 1.1

problemtype:CWE-255

Trust: 0.9

sources: VULHUB: VHN-127356 // JVNDB: JVNDB-2018-010881 // NVD: CVE-2018-16946

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-645

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201809-645

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-010881

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-127356 // 
            
            
            
            VULMON: CVE-2018-16946

PATCH
title:Top Pageurl:https://www.lg.com/us
Trust: 0.8
title:Exp101tsArchiv30thersurl:https://github.com/nu11secur1ty/Exp101tsArchiv30thers 
Trust: 0.1
title: - url:https://github.com/lnick2023/nicenice 
Trust: 0.1
title:awesome-cve-poc_qazbnm456url:https://github.com/xbl3/awesome-cve-poc_qazbnm456 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-16946 // 
            
            
            
            JVNDB: JVNDB-2018-010881

EXTERNAL IDS
db:EXPLOIT-DBid:45394
Trust: 2.6
db:NVDid:CVE-2018-16946
Trust: 2.6
db:JVNDBid:JVNDB-2018-010881
Trust: 0.8
db:CNNVDid:CNNVD-201809-645
Trust: 0.7
db:PACKETSTORMid:149317
Trust: 0.1
db:SEEBUGid:SSVID-97531
Trust: 0.1
db:VULHUBid:VHN-127356
Trust: 0.1
db:VULMONid:CVE-2018-16946
Trust: 0.1
sources:
            
            
            VULHUB: VHN-127356 // 
            
            
            
            VULMON: CVE-2018-16946 // 
            
            
            
            JVNDB: JVNDB-2018-010881 // 
            
            
            
            CNNVD: CNNVD-201809-645 // 
            
            
            
            NVD: CVE-2018-16946

REFERENCES
url:https://www.exploit-db.com/exploits/45394/
Trust: 2.7
url:https://github.com/egebalci/lg-smart-ip-device-backup-download
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16946
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-16946
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/552.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-127356 // 
            
            
            
            VULMON: CVE-2018-16946 // 
            
            
            
            JVNDB: JVNDB-2018-010881 // 
            
            
            
            CNNVD: CNNVD-201809-645 // 
            
            
            
            NVD: CVE-2018-16946

SOURCES
db:VULHUBid:VHN-127356
db:VULMONid:CVE-2018-16946
db:JVNDBid:JVNDB-2018-010881
db:CNNVDid:CNNVD-201809-645
db:NVDid:CVE-2018-16946

LAST UPDATE DATE
2024-11-23T22:21:55.753000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-127356date:2019-10-03T00:00:00
db:VULMONid:CVE-2018-16946date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2018-010881date:2018-12-27T00:00:00
db:CNNVDid:CNNVD-201809-645date:2019-10-23T00:00:00
db:NVDid:CVE-2018-16946date:2024-11-21T03:53:33.647

SOURCES RELEASE DATE
db:VULHUBid:VHN-127356date:2018-09-12T00:00:00
db:VULMONid:CVE-2018-16946date:2018-09-12T00:00:00
db:JVNDBid:JVNDB-2018-010881date:2018-12-27T00:00:00
db:CNNVDid:CNNVD-201809-645date:2018-09-13T00:00:00
db:NVDid:CVE-2018-16946date:2018-09-12T01:29:00.250