8 matches found
CVE-2019-12477
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/mediacontrol?action=setUri= URI...
CVE-2019-12477
creationtimestamp| type| source ---|---|--- 2019-06-28 17:20:01+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/suprasmartcloudtvrfi.rb 2024-11-14 06:09:57+00:00| seen| MISP/fa925411-fecf-472d-b553-585ccffeeaf4 2025-02-06 03:13:43+00:00| seen|...
Supra Smart Cloud TV Remote File Inclusion
This module exploits an unauthenticated remote file inclusion which exists in Supra Smart Cloud TV. The media control for the device doesn't have any session management or authentication. Leveraging this, an attacker on the local network can send a crafted request to broadcast a fake video. This...
CVE-2019-12477
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/mediacontrol?action=setUri&uri= URI...
CVE-2019-12477
The CVE-2019-12477 entry describes a remote file inclusion in Supra Smart Cloud TV. The openLiveURL function is vulnerable to unauthenticated remote file inclusion via /remote/media_control?action=setUri&uri=, allowing a local attacker on the same network to broadcast fake video without authentic...
Supra Smart Cloud TV - openLiveURL() Remote File Inclusion Vulnerability
Exploit for hardware platform in category web applications Supra Smart Cloud TV - 'openLiveURL' Remote File Inclusion Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References:...
Supra Smart Cloud TV - openLiveURL() Remote File Inclusion
Supra Smart Cloud TV - openLiveURL Remote File Inclusion Exploit Title: Remote file inclusion Date: 03-06-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References:...
SUPRA Smart TV Flaw Lets Attackers Hijack Screens With Any Video
I have said it before, and I will say it again — Smart devices are one of the dumbest technologies, so far, when it comes to protecting users' privacy and security. As more and more smart devices are being sold worldwide, consumers should be aware of security and privacy risks associated with the...