VYPR

Roku TV

by Roku

CVEs (2)

  • CVE-2018-11314CriJul 3, 2018
    risk 0.63cvss 9.6epss 0.02

    The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.

  • CVE-2022-27152Apr 8, 2022
    risk 0.00cvss epss 0.00

    Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.