The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys.Referenceshttp://www.s3.eurecom.fr/cve/CVE-2014-3929.txthttps://github.com/Cougar/lg/issues/5https://hackerone.com/reports/16330
