PT-2026-38435

Name of the Vulnerable Software and Affected Versions Optoma CinemaX P2 version TVOS-04.24.010.04.01 Description The device exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control. This API enables reading configuration across 74 endpoints and modifying settings such ...

EUVD-2026-10025

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access witho...