Several high privileged APIs on the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs do not enforce access controls, allowing an unauthenticated threat actor to access privileged functionality, leading to OS command execution. The specific attack methodology is a file upload.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-08-26T11:23:00

Updated: 2024-08-03T21:33:16.760Z

Reserved: 2021-03-03T00:00:00

Link: CVE-2021-27944

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-08-26T12:15:07.137

Modified: 2024-11-21T05:58:52.880

Link: CVE-2021-27944

cve-icon Redhat

No data.