4 matches found
CVE-2021-27942
Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs allow a threat actor to execute arbitrary code from a USB drive via the Smart Cast functionality, because files on the USB drive are effectively under the web root and can be executed...
CVE-2025-3705
A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command 'OS Command Injection' when loading a config file from a USB drive...
CVE-2024-52925
In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution can be performed by an attacker via the MD Kiosk Unlock Device feature for software encrypted USB drives...
CVE-2024-52925
OPSWAT MetaDefender Kiosk prior to version 4.7.0 is affected by an arbitrary code execution vulnerability via the MD Kiosk Unlock Device feature for software-encrypted USB drives. The root cause is exploitation of the unlock device functionality, enabling an attacker to execute code on the host. ...