A researcher reported ‘extraordinary’ vulnerabilities in TCL Android TVs – TCL is the world’s 3rd largest TV manufacturer.
Sticking with the television has been a long habit of entertainment consumers now more than ever thanks to the inbuilt integration offered with apps such as Netflix.
Riding on this wave, TCL happens to be one such manufacturer who has become the 3rd largest in this industry, beating a lot of noteworthy rivals. However, there is bad news too. Just recently, a security report by the researcher has found some serious vulnerabilities in TCL Android TVs.
See: New malware found targeting IoT devices, Android TV globally
To start with, a Nmap scan was done on the television which revealed a range of open TCP ports serving as the first red flag. Investigating further into this, the researcher used the IP addresses obtained of the open ports to try accessing them via a web browser.
Out of this while some did not open or made the browser blank-point crash, some of them showed interesting messages such as the user not being allowed to access a particular file. But testing another address “http://10.0.0.117:7989/sdcard” finally yielded the results to a directory served entirely over HTTP – a very insecure practice.
To this, the researcher explained in their android manufacturer plagued extraordinary flaws
