mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.0 KiB
1.0 KiB
CVE-2019-13474
Description
TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /set_dname, /mylogo, /LocalPlay, /irdevice.xml, /Sendkey, /setvol, /hotkeylist, /init, /playlogo.jpg, /stop, /exit, /back, and /playinfo commands.
POC
Reference
- http://packetstormsecurity.com/files/174503/Internet-Radio-auna-IR-160-SE-UIProto-DoS-XSS-Missing-Authentication.html
- http://seclists.org/fulldisclosure/2019/Sep/12
- https://www.vulnerability-lab.com/get_content.php?id=2183