A vulnerability classified as critical was found in LG SuperSign CMS (Content Management System) (unknown version). Affected by this vulnerability is an unknown code block of the file qsr_server/device/getThumbnail. The manipulation of the argument sourceUri as part of a Parameter leads to a code injection vulnerability. The CWE definition for the vulnerability is CWE-94. The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.

The bug was discovered 09/24/2018. The weakness was released 09/21/2018 (Website). The advisory is shared at mamaquieroserpentester.blogspot.com. This vulnerability is known as CVE-2018-17173 since 09/18/2018. The exploitation appears to be easy. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Technical details and also a public exploit are known. MITRE ATT&CK project uses the attack technique T1059 for this issue.

It is possible to download the exploit at exploit-db.com. It is declared as proof-of-concept. We expect the 0-day to have been worth approximately $5k-$25k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The vulnerability is also documented in the vulnerability database at Exploit-DB (45448).

Productinfo

Type

• Content Management System

Vendor

• LG

Name

• SuperSign CMS

License

• commercial

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion