Loading
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.
Use CWE-94, Lg vendor hub and Supersign Cms product page to widen CVE-2018-17173 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2018-16287, CVE-2018-16286 and CVE-2018-16288 for nearby disclosures in the same product family.