Security researchers warn for 8 critical zero-days in WD TV Media Player


Originally published at:

Security company SEC Consult warns that Western Digital’s TV Media Player contains several critical, unpatched, vulnerabilities that allow an attacker to take full control over the device. Once the device is compromised it’s even possible to take control over the network in which the device is installed.


The closest thing I have to a WD-TV-thingy is a DP-HDMI adapter, which lets me plug a TV into my laptop’s DisplayPort plug. Combine that with SSH and an abundance of cli tools, such as youtube-viewer, a terminal-based program that lets me search and watch YouTube videos, and mpv, a butt-kicking commandline-driven video player.