PT-2018-13784 · Lg · Lg Lnu*+3

Ege Balci · Published 2018-09-12 · Updated 2019-10-03 · CVE-2018-16946

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

LG LNB*, LND*, LNU*, and LNV* smart network camera devices (affected versions not specified)

Description

The issue concerns broken access control in the devices, allowing attackers to download sensitive files without authentication. Specifically, attackers can access /updownload/t.report (also known as Log & Report) files and backup files via download.php. These backup files contain user credentials and configuration information for the camera device. An attacker can discover the backup filename by reading system logs or report data, or by brute-forcing the backup filename pattern. This could potentially allow an attacker to authenticate to the admin account using the admin password.

Recommendations

For LG LNB*, LND*, LNU*, and LNV* smart network camera devices, consider restricting access to the download.php endpoint and the /updownload/t.report file to minimize the risk of exploitation. Avoid using default or weak admin passwords, and ensure that all user credentials are securely stored. As a temporary workaround, consider disabling the backup file download feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
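
One way to check whether the two paths named above were served without authentication, or whether a client was guessing backup filenames, is to review the access log of a filtering proxy placed in front of the camera. This is an added example, not part of the original advisory or any vendor tooling; it assumes Common Log Format lines with the authenticated user in the third field, and the sample lines, query strings and threshold are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines (Common Log Format). The query strings are
# placeholders, not the device's real parameters.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Sep/2018:10:00:01 +0000] "GET /updownload/t.report HTTP/1.1" 200 5120
198.51.100.7 - - [12/Sep/2018:10:00:05 +0000] "GET /download.php?sample=a HTTP/1.1" 404 0
198.51.100.7 - - [12/Sep/2018:10:00:06 +0000] "GET /download.php?sample=b HTTP/1.1" 404 0
198.51.100.7 - - [12/Sep/2018:10:00:07 +0000] "GET /download.php?sample=c HTTP/1.1" 200 20480
192.0.2.10 - admin [12/Sep/2018:10:05:00 +0000] "GET /download.php?sample=c HTTP/1.1" 200 20480
203.0.113.5 - - [12/Sep/2018:10:06:00 +0000] "GET /index.html HTTP/1.1" 200 812
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
GUESS_THRESHOLD = 3  # assumed: distinct download.php requests per client


def is_sensitive(path):
    """True for the two resources named in the advisory."""
    return path == "/updownload/t.report" or path.endswith("/download.php")


def analyze(log_text, threshold=GUESS_THRESHOLD):
    served = []                  # (ip, uri) answered 200 with no user
    attempts = defaultdict(set)  # ip -> distinct download.php URIs tried
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        path = urlsplit(m["uri"]).path
        if not is_sensitive(path) or m["user"] != "-":
            continue  # unrelated resource, or an authenticated request
        if path.endswith("/download.php"):
            attempts[m["ip"]].add(m["uri"])
        if m["status"] == "200":
            served.append((m["ip"], m["uri"]))
    guessing = sorted(ip for ip, uris in attempts.items()
                      if len(uris) >= threshold)
    return {"served_unauthenticated": served, "filename_guessing": guessing}


if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

Any entry under `served_unauthenticated` means the backup or report data should be treated as disclosed and the admin password changed.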

Exploit

Files Accessible to External Parties


Weakness Enumeration

Related Identifiers

CVE-2018-16946

Affected Products

Lg Lnb*
Lg Lnd*
Lg Lnu*
Lg Lnv*