← Zuruck zu CVEs
CVE-2025-10204
N/ABeschreibung
A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. This page contains a hidden form for resetting the administrator password. The attacker can manipulate the page using developer tools to display and use the form. This form allows you to change the administrator password without verifying login status or user permissions.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht9/14/2025
Zuletzt geandert9/15/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-306
Referenzen
https://lgsecurity.lge.com/bulletins(product.security@lge.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.