Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

LG — Vulnerabilities & Security Advisories 31

Browse all 31 CVE security advisories affecting LG. AI-powered Chinese analysis, POCs, and references for each vulnerability.

LG Electronics operates as a global manufacturer of consumer electronics, home appliances, and vehicle components, serving both residential and commercial markets. Security assessments reveal a history of diverse vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation flaws within its embedded software and web interfaces. These issues often stem from insufficient input validation and weak authentication mechanisms in legacy firmware versions. While no catastrophic global breaches have defined the brand’s recent history, individual incidents have exposed sensitive user data and allowed unauthorized device control. The current record of thirty-one CVEs highlights ongoing challenges in maintaining secure codebases across a vast product ecosystem. Continuous updates and rigorous penetration testing remain critical for mitigating risks associated with interconnected smart devices and ensuring user privacy in an increasingly digital household environment.

Top products by LG: Simple Editor WebOS SuperSign Media Editor
CVE IDTitleCVSSSeverityPublished
CVE-2023-41181 LG SuperSign Media Editor getSubFolderList Directory Traversal Information Disclosure Vulnerability — SuperSign Media EditorCWE-22 7.5 -2024-05-03
CVE-2023-40517 LG SuperSign Media Editor ContentRestController getObject Directory Traversal Information Disclosure Vulnerability — SuperSign Media EditorCWE-22 7.5 -2024-05-03
CVE-2023-40515 LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability — Simple EditorCWE-20 7.5 -2024-05-03
CVE-2023-40516 LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability — Simple EditorCWE-732 7.8 -2024-05-03
CVE-2023-40514 LG Simple Editor FileManagerController getImageByFilename Directory Traversal Information Disclosure Vulnerability — Simple EditorCWE-22 6.5 -2024-05-03
CVE-2023-40513 LG Simple Editor UserManageController getImageByFilename Directory Traversal Information Disclosure Vulnerability — Simple EditorCWE-22 6.5 -2024-05-03
CVE-2023-40512 LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Disclosure Vulnerability — Simple EditorCWE-22 6.5 -2024-05-03
CVE-2023-40511 LG Simple Editor checkServer Authentication Bypass Vulnerability — Simple EditorCWE-200 9.8 -2024-05-03
CVE-2023-40510 LG Simple Editor getServerSetting Authentication Bypass Vulnerability — Simple EditorCWE-200 9.8 -2024-05-03
CVE-2023-40509 LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability — Simple EditorCWE-22 9.1 -2024-05-03
CVE-2023-40508 LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability — Simple EditorCWE-22 9.1 -2024-05-03
CVE-2023-40507 LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability — Simple EditorCWE-611 7.5 -2024-05-03
CVE-2023-40506 LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability — Simple EditorCWE-611 7.5 -2024-05-03
CVE-2023-40505 LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability — Simple EditorCWE-78 9.8 -2024-05-03
CVE-2023-40503 LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability — Simple EditorCWE-611 7.5 -2024-05-03
CVE-2023-40504 LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability — Simple EditorCWE-78 9.8 -2024-05-03
CVE-2023-40502 LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability — Simple EditorCWE-22 9.1 -2024-05-03
CVE-2023-40501 LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability — Simple EditorCWE-749 9.8 -2024-05-03
CVE-2023-40500 LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability — Simple EditorCWE-749 9.8 -2024-05-03
CVE-2023-40499 LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability — Simple EditorCWE-22 9.1 -2024-05-03
CVE-2023-40498 LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability — Simple EditorCWE-22 9.8 -2024-05-03
CVE-2023-40497 LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability — Simple EditorCWE-22 9.8 -2024-05-03
CVE-2023-40495 LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability — Simple EditorCWE-22 7.5 -2024-05-03
CVE-2023-40496 LG Simple Editor copyStickerContent Directory Traversal Information Disclosure Vulnerability — Simple EditorCWE-22 7.5 -2024-05-03
CVE-2023-40494 LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability — Simple EditorCWE-22 9.1 -2024-05-03
CVE-2023-40493 LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability — Simple EditorCWE-22 9.8 -2024-05-03
CVE-2023-40492 LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability — Simple EditorCWE-22 9.1 -2024-05-03
CVE-2023-6320 Command injection in the com.webos.service.connectionmanager/tv/setVlanStaticAddress endpoint — webOSCWE-78 9.1 Critical2024-04-09
CVE-2023-6319 Command injection in the getAudioMetadata method from the com.webos.service.attachedstoragemanager service — webOSCWE-78 9.1 Critical2024-04-09
CVE-2023-6318 Command injection in the processAnalyticsReport method from the com.webos.service.cloudupload service — webOSCWE-78 9.1 Critical2024-04-09

This page lists every published CVE security advisory associated with LG. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.