CVE-2025-10204 - Vulnerability Details - OpenCVE

A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. This page contains a hidden form for resetting the administrator password. The attacker can manipulate the page using developer tools to display and use the form. This form allows you to change the administrator password without verifying login status or user permissions.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://lgsecurity.lge.com/bulletins

History

Sun, 14 Sep 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. This page contains a hidden form for resetting the administrator password. The attacker can manipulate the page using developer tools to display and use the form. This form allows you to change the administrator password without verifying login status or user permissions.
Title		Unauth Admin Reset Password on AC Smart II
Weaknesses		CWE-306
References		https://lgsecurity.lge.com/bulletins
Metrics		cvssV4_0 `{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: LGE

Published: 2025-09-14T12:43:30.393Z

Updated: 2025-09-14T12:43:30.393Z

Reserved: 2025-09-10T01:26:32.811Z

Link: CVE-2025-10204

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-14T13:15:32.067

Modified: 2025-09-14T13:15:32.067

Link: CVE-2025-10204

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-10204", "assignerOrgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "state": "PUBLISHED", "assignerShortName": "LGE", "dateReserved": "2025-09-10T01:26:32.811Z", "datePublished": "2025-09-14T12:43:30.393Z", "dateUpdated": "2025-09-14T12:43:30.393Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "AC Smart II", "vendor": "LG Electronics", "versions": [{"status": "affected", "version": "2.1.9"}]}], "datePublic": "2025-09-12T01:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization. </span><span style=\"background-color: rgb(255, 255, 255);\">This page contains a hidden form for resetting the administrator password. </span><span style=\"background-color: rgb(255, 255, 255);\">The attacker can manipulate the page using developer tools to display and use the form. </span><span style=\"background-color: rgb(255, 255, 255);\">This form allows you to change the administrator password without verifying login status or user permissions.</span>"}], "value": "A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization.\u00a0This page contains a hidden form for resetting the administrator password.\u00a0The attacker can manipulate the page using developer tools to display and use the form.\u00a0This form allows you to change the administrator password without verifying login status or user permissions."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 7.1, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "42f21055-226c-4bce-a3c8-ecf55a3551fb", "shortName": "LGE", "dateUpdated": "2025-09-14T12:43:30.393Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lgsecurity.lge.com/bulletins"}], "source": {"discovery": "UNKNOWN"}, "tags": ["unsupported-when-assigned"], "title": "Unauth Admin Reset Password on AC Smart II", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{"cveTags": [{"sourceIdentifier": "product.security@lge.com", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been discovered in AC Smart II where passwords can be changed without authorization.\u00a0This page contains a hidden form for resetting the administrator password.\u00a0The attacker can manipulate the page using developer tools to display and use the form.\u00a0This form allows you to change the administrator password without verifying login status or user permissions."}], "id": "CVE-2025-10204", "lastModified": "2025-09-14T13:15:32.067", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "product.security@lge.com", "type": "Secondary"}]}, "published": "2025-09-14T13:15:32.067", "references": [{"source": "product.security@lge.com", "url": "https://lgsecurity.lge.com/bulletins"}], "sourceIdentifier": "product.security@lge.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "product.security@lge.com", "type": "Secondary"}]}