CVE-2023-40500— LG Simple Editor 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2023-40500の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyContent command. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. . Was ZDI-CAN-19944.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
暴露危险的方法或函数
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
LG Simple Editor 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
LG Simple Editor是韩国乐金(LG)公司的一个简易编辑器。通过简化流程和在标牌上即时播放来创建新内容。 LG Simple Editor存在安全漏洞,该漏洞源于copyContent存在远程代码执行漏洞。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| LG | Simple Editor | LG Simple Editor 3.21.0 | - |
II. CVE-2023-40500の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2023-40500のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · LG · 2024-05-03 · 27 CVEs total
| CVE-2023-40499 | LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability | |
| CVE-2023-40512 | LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Discl | |
| CVE-2023-40515 | LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability | |
| CVE-2023-40503 | LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnera | |
| CVE-2023-40502 | LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability | |
| CVE-2023-40513 | LG Simple Editor UserManageController getImageByFilename Directory Traversal Information D | |
| CVE-2023-40517 | LG SuperSign Media Editor ContentRestController getObject Directory Traversal Information | |
| CVE-2023-40506 | LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnera | |
| CVE-2023-40516 | LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability | |
| CVE-2023-40504 | LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability | |
| CVE-2023-40498 | LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability | |
| CVE-2023-40492 | LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerabil | |
| CVE-2023-40495 | LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability | |
| CVE-2023-41181 | LG SuperSign Media Editor getSubFolderList Directory Traversal Information Disclosure Vuln | |
| CVE-2023-40496 | LG Simple Editor copyStickerContent Directory Traversal Information Disclosure Vulnerabili | |
| CVE-2023-40501 | LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerabilit | |
| CVE-2023-40514 | LG Simple Editor FileManagerController getImageByFilename Directory Traversal Information | |
| CVE-2023-40493 | LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability | |
| CVE-2023-40508 | LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability | |
| CVE-2023-40505 | LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerabil |
Showing 20 of 27 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Simple Editor
- CVE-2023-40516
LG Simple Editor Incorrect Permission Assignment Local Privi - CVE-2023-40515
LG Simple Editor joinAddUser Improper Input Validation Denia - CVE-2023-40514
LG Simple Editor FileManagerController getImageByFilename Di - CVE-2023-40513
LG Simple Editor UserManageController getImageByFilename Dir - CVE-2023-40511
LG Simple Editor checkServer Authentication Bypass Vulnerabi
同じベンダー: LG
- CVE-2023-41181
LG SuperSign Media Editor getSubFolderList Directory Travers - CVE-2023-40517
LG SuperSign Media Editor ContentRestController getObject Di - CVE-2023-40515
LG Simple Editor joinAddUser Improper Input Validation Denia - CVE-2023-40516
LG Simple Editor Incorrect Permission Assignment Local Privi - CVE-2023-40514
LG Simple Editor FileManagerController getImageByFilename Di
同じ弱点: CWE-749
- CVE-2026-25266
Exposed dangerous function in windows host - CVE-2026-5173
Exposed Dangerous Method or Function in GitLab - CVE-2026-35488
Tandoor Recipes — CustomIsShared permits DELETE/PUT on Recip - CVE-2026-30957
OneUptime Synthetic Monitor RCE via exposed Playwright brows - CVE-2026-3483
Ivanti Desktop and Server Management 安全漏洞
V. CVE-2023-40500へのコメント
まだコメントはありません