Threat Encyclopedia

Samsung.DVR.Smart.Viewer.Reflected.XSS

Description

This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in Smart Viewer in Samsung Web Viewer for Samsung DVR.
The vulnerability is due to insufficient sanitizing of user-supplied inputs in the application. A remote attacker may be able to exploit this to execute arbitrary script code within the context of the application.

Affected Products

Smart Viewer in Samsung Web Viewer for Samsung DVR

Impact

System Compromise: Remote attackers can execute arbitrary script code in the context of the affected system.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2018-11689