Roku Firmware
1 CVEs
product
Monthly
The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
Roku Firmware
NVD
CVSS 3.0
9.6
EPSS
1.7%
EPSS 2%
CVSS 9.6
CRITICAL
Act Now
The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
Roku Firmware
NVD