Lucene search
AttackerKBAKB:BD6AC16E-E54F-4402-AD33-9F7C44AEDA3BHistorySep 11, 2019 - 12:00 a.m.
Supra Smart Cloud TV Remote File Inclusion
2019-09-1100:00:00
attackerkb.com
11
EPSS
0.907
Percentile
98.9%
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI.
Recent assessments:
pbarry-r7 at November 20, 2019 11:40pm UTC reported:
Have to be on the same local network as the target device to pull this off, but, hey, unauthenticated video broadcastingโฆ! Might make those doctor waiting room visits a little more interestingโฆ
Assessed Attacker Value: 1
Assessed Attacker Value: 1Assessed Attacker Value: 5
Related
cvelist
cvelist
CVE-2019-12477
2019-06-07 14:51:07
exploitdb
exploitdb
Supra Smart Cloud TV - 'openLiveURL()' Remote File Inclusion
2019-06-06 00:00:00
cve
cve
CVE-2019-12477
2019-06-07 15:29:01
nvd
nvd
CVE-2019-12477
2019-06-07 15:29:01
myhack58
myhack58
exploitpack
exploitpack
Supra Smart Cloud TV - openLiveURL() Remote File Inclusion
2019-06-06 00:00:00
zdt
zdt
Supra Smart Cloud TV - openLiveURL() Remote File Inclusion Vulnerability
2019-06-07 00:00:00
thn
thn
SUPRA Smart TV Flaw Lets Attackers Hijack Screens With Any Video
2019-06-03 09:15:00
packetstorm
packetstorm
Supra Smart Cloud TV Remote File Inclusion
2019-06-06 00:00:00
Supra Smart Cloud TV Remote File Inclusion
2024-08-31 00:00:00
metasploit
metasploit
Supra Smart Cloud TV Remote File Inclusion
2019-06-07 16:33:10
prion
prion
Remote file inclusion
2019-06-07 15:29:00
threatpost
threatpost
Smart-TV Bug Allows Rogue Broadcasts
2019-06-03 16:11:13