VYPR

CinemaX P2

by Optoma

CVEs (2)

  • CVE-2026-30496CriMay 7, 2026
    risk 0.64cvss 9.8epss 0.00

    The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration (74 endpoints) and writing/modifying settings including…

  • CVE-2026-30495HigMay 7, 2026
    risk 0.57cvss 8.8epss 0.00

    The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes Android Debug Bridge (ADB) on TCP port 5555 over the network without requiring authentication. The device is configured with ro.adb.secure=0, which disables RSA key verification. Additionally,…