CVE-2024-6179

6.1 MEDIUM

📋 TL;DR

This reflected cross-site scripting (XSS) vulnerability in LG SuperSign CMS allows attackers to inject malicious scripts into web pages viewed by users. Attackers can steal session cookies, redirect users to malicious sites, or perform actions on behalf of authenticated users. All organizations using affected versions of LG SuperSign CMS are vulnerable.

💻 Affected Systems

Products:
  • LG SuperSign CMS
Versions: from 4.1.3 before 4.3.1
Operating Systems: Any OS running SuperSign CMS
Default Config Vulnerable: ⚠️ Yes
Notes: All installations within the affected version range are vulnerable by default.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator credentials, gain full control of the SuperSign CMS, compromise connected digital signage displays, and potentially pivot to internal networks.

🟠 Likely Case

Attackers steal user session cookies to impersonate authenticated users, deface digital signage content, or redirect users to phishing sites.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts are neutralized before reaching users, preventing exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Reflected XSS typically requires user interaction (clicking a malicious link) but is technically simple to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.3.1 or later

Vendor Advisory: https://lgsecurity.lge.com/bulletins/idproducts#updateDetails

Restart Required: Yes

Instructions:

1. Download SuperSign CMS version 4.3.1 or later from LG's official portal.
2. Back up the current configuration and data.
3. Install the update following LG's installation guide.
4. Restart the SuperSign CMS service.

🔧 Temporary Workarounds

Web Application Firewall (WAF)


Deploy a WAF with XSS protection rules to filter malicious input before it reaches the application.

Input Validation Filter


Implement server-side input validation to reject or sanitize suspicious parameters containing script tags.

🧯 If You Can't Patch

  • Isolate SuperSign CMS to internal network only, blocking external access.
  • Implement strict Content Security Policy (CSP) headers to restrict script execution sources.

🔍 How to Verify

Check if Vulnerable:

Check the SuperSign CMS version via the web interface or configuration files. If the version is 4.1.3 or later but earlier than 4.3.1 (that is, 4.1.3 through 4.3.0), it is vulnerable.

Check Version:

Check web interface admin panel or configuration files for version information.

Verify Fix Applied:

Confirm the version is 4.3.1 or higher. Test XSS payloads in input fields to ensure they are properly sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusually long URLs containing script tags in web server logs
  • Multiple failed login attempts from single IP

Network Indicators:

  • HTTP requests containing <script> tags or javascript: URIs
  • Unexpected redirects to external domains

SIEM Query:

source="webserver.log" AND ("<script>" OR "javascript:" OR "onerror=" OR "onload=")
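As an added example (not part of this advisory or of LG's tooling), the following Python script combines the version-range check from "How to Verify" with the indicators from the SIEM query above, run over constructed sample access-log lines. The sample log lines are made up, and matching on the "<script" prefix rather than the full "<script>" tag is my assumption so that tags carrying attributes are caught as well.

```python
import re
from urllib.parse import unquote

# Affected range as stated in the advisory: 4.1.3 (inclusive) up to but not including 4.3.1.
AFFECTED_MIN = (4, 1, 3)
FIXED_AT = (4, 3, 1)

def parse_version(text: str) -> tuple:
    """Extract a dotted version from a string such as 'SuperSign CMS v4.2' and
    return it as a 3-tuple of ints (missing components are treated as 0)."""
    m = re.search(r"\d+(?:\.\d+)+", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    parts = [int(p) for p in m.group(0).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])

def is_affected(version_text: str) -> bool:
    """True if the version falls inside the vulnerable range from the advisory."""
    return AFFECTED_MIN <= parse_version(version_text) < FIXED_AT

# Indicators taken from the advisory's SIEM query. "<script" without the closing
# bracket is an assumption made here so that tags with attributes also match.
INDICATORS = ("<script", "javascript:", "onerror=", "onload=")

def scan_log_lines(lines):
    """Return (line_number, indicator) for each access-log line containing an
    indicator. Lines are URL-decoded and lower-cased first, because reflected
    parameters usually arrive percent-encoded and tag names are case-insensitive."""
    hits = []
    for n, line in enumerate(lines, 1):
        decoded = unquote(line).lower()
        for ind in INDICATORS:
            if ind in decoded:
                hits.append((n, ind))
                break
    return hits

# Constructed sample access-log lines (not taken from any real system).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2025:10:00:01 +0000] "GET /search?q=%3Cscript%3E HTTP/1.1" 200 980',
    '10.0.0.9 - - [01/Jan/2025:10:00:02 +0000] "GET /view?u=JAVASCRIPT:void(0) HTTP/1.1" 200 300',
    '10.0.0.7 - - [01/Jan/2025:10:00:03 +0000] "GET /img?src=x%20onerror%3D1 HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    print("4.2.0 affected:", is_affected("4.2.0"))
    for n, ind in scan_log_lines(SAMPLE_LOG):
        print(f"line {n}: matched {ind!r}")
```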
