CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12477

Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/media_control?action=setUri&uri= URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.331

EPSS Ranking 96.7%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 2.1

References

http://packetstormsecurity.com/files/153191/Supra-Smart-Cloud-TV-Remote-File-Inclusion.html
https://drive.google.com/file/d/1ZVHn_bPE-3kqYd2D-3AJpXZdd4dlmzVh/view?usp=sharing
http://packetstormsecurity.com/files/153191/Supra-Smart-Cloud-TV-Remote-File-Inclusion.html
https://drive.google.com/file/d/1ZVHn_bPE-3kqYd2D-3AJpXZdd4dlmzVh/view?usp=sharing

Products affected by CVE-2019-12477

Supra » Stv-Lc40lt0020f » Version: N/A

cpe:2.3:h:supra:stv-lc40lt0020f:-
Supra » Stv-Lc40lt0020f Firmware » Version: N/A

cpe:2.3:o:supra:stv-lc40lt0020f_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12477

Products

Pricing

Contact Us