Lg Project: >> Lg >> 1.5 Security Vulnerabilities
Cougar-LG stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials.
CVSS Score
9.8
EPSS Score
0.007
Published
2017-04-03
The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-04-03
Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the "addr" parameter.
CVSS Score
6.1
EPSS Score
0.008
Published
2017-03-13