CNNVD-202510-461 Information

CNNVD ID

CNNVD-202510-461

Related CVE

CVE-2025-55971

• CNNVD Published: 2025-10-03

Description (Chinese)

TCL 65C655 Smart TV是中国TCL公司的一款智能电视。 TCL 65C655 Smart TV V8-R75PT01-LF1V269.001116版本存在安全漏洞，该漏洞源于UPnP MediaRenderer服务接受未经验证的SetAVTransportURI SOAP请求，可能导致服务端请求伪造攻击。

Description (English)

TCL 65C655 Smart TV is a smart TV from TCL China. TCL 65C655 Smart VV-R75PT01-LF1V269.001116 contains a security loophole that originates from the unverified SetAV TransportURI SOAP request for UPnP MediaRenderer services, which may result in a false attack by the service side.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

TCL

Published

2025-10-03

Last Modified

2026-02-24

References

https://github.com/Szym0n13k/CVE-2025-55971-Blind-Unauthenticated-SSRF-in-TCL-Smart-TV-UPnP-DLNA-AVTransport https://www.youtube.com/watch?v=FeNLGR_xFIA