View However, I have the Smart-TV found


Posted January 28, 2016 by angelajhon

View However, I have the Smart-TV found a strange problem: When the user opens the main settings of the TV, all icons and widgets are downloaded from servers of the manufacturer.

 
View However, I have the Smart-TV found a strange problem: When the user opens the main settings of the TV, all icons and widgets are downloaded from servers of the manufacturer, when the device has network access. The TV does not use any authentication or encryption when downloading the content. This means that an attacker to perform a man-in-the-middle attack on the Television and can change the images the administration interface. In addition, it can be any JavaScript load into the TV, which is not very good. A potential attack vector is namely to read local files via JavaScript the device and use the contents of the files to find more vulnerabilities. But because I am already working with the manufacturer to find out whether this is possible or not. As proof of my attack, I have replaced the image of a widget with a photo of Borate. Yakshemash! Chi call in this article does not name and manufacturer of your TV, NAS devices or the DSL router - and deliberately. The aim of my research is to specify with undiscovered vulnerabilities, I have found, or to say that home entertainment virtnext

http://x4facts.com/virtnext/
-- END ---
Share Facebook Twitter
Print Friendly and PDF DisclaimerReport Abuse
Contact Email [email protected]
Issued By asdf
Business Address Manthana, New York
Manthana, New York
Country United States
Categories Deals , Defense , Design
Last Updated January 28, 2016