Roku TV
by Roku
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-11314 | Cri | 0.63 | 9.6 | 0.02 | Jul 3, 2018 | The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker. | ||
| CVE-2022-27152 | 0.00 | — | 0.00 | Apr 8, 2022 | Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification. |
- risk 0.63cvss 9.6epss 0.02
The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.
- CVE-2022-27152Apr 8, 2022risk 0.00cvss —epss 0.00
Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.