Critical 0-Day Allows Remote Hacking of DirecTV Video Bridge

An unpatched critical vulnerability impacting a wireless video bridge used by DirecTV allows for an attacker to remotely execute code on the vulnerable devices, Zero-Day Initiative researchers reveal.

The security vulnerability was discovered in the Linksys WVBR0-25 wireless video bridge, which was designed to pair with the Wireless Genie Mini (C41W) cable box to ensure communication with DirecTV’s main Genie DVR.

Tracked as CVE-2017-17411 and featuring a CVSS score of 10, the vulnerability was discovered by Trend Micro DVLabs researcher Ricky Lawshae, who says that authentication isn’t necessary when attempting to exploit the vulnerability for executing arbitrary code.

Read full news article on SecurityWeek

 


Date:

Categorie(s):