Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Several high privileged APIs on the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs do not enforce access controls, allowing an unauthenticated threat actor to access privileged functionality, leading to OS command execution. The specific attack methodology is a file upload.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Vizio P65-F1 命令注入漏洞
Vulnerability Description
Vizio P65-F1是Vizio公司的一个显示器。 多款 Vizio 产品中存在命令注入漏洞,该漏洞源于产品的多个高特权API未对用户身份做有效验证。攻击者可通过该漏洞访问特权功能并上传文件导致系统命令执行。以下产品及版本受到影响:Vizio P65-F1 6.0.31.4-2, E50x-E1 10.0.31.4-2 Smart TVs。
CVSS Information
N/A
Vulnerability Type
N/A