漏洞描述
LG LED Assistant中存在目录遍历漏洞,该漏洞是由于upload接口对用户发送的数据验证不当造成的。
LG LED Assistant upload 目录遍历漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2024-2862: LG LED Assistant - Unauthenticated Password Reset
- POC CVE-2024-2863: LG LED Assistant - Thumbnail Path Traversal File Upload
- SNMP Web Pro /cgi-bin/upload.cgi 目录遍历漏洞(CVE-2025-65287)
- 月子会所ERP管理云平台 /Page/upload/UploadComponentHandler.ashx 文件上传漏洞
- 月子会所ERP管理云平台 /Page/upload/ModuleUpHandler.ashx 文件上传漏洞
- 月子会所ERP管理云平台 /Page/upload/AttachedHandler.ashx 文件上传漏洞
- POC CVE-2020-11732: Media Library Assistant < 2.82 - Unauthenticated Limited Local File Inclusion
- POC yonyou-u9-patchfile-upload: Yonyou U9 PatchFile.asmx - Unauthenticated Arbitrary File Upload
- 孚盟云CRM Ajax/upload.ashx SQL 注入漏洞
- 锐捷EWEB路由器 /ddi/server/fileupload.php 文件上传漏洞
- Tplay-cms /admin/common/upload 文件上传漏洞
- AstrBot /api/plugin/install-upload 命令执行漏洞(CVE-2025-55449)
- 美特CRM /common/jsp/upload3.jsp 文件上传漏洞