Security researcher Dhiraj Mishra discovered a flaw in the SUPRA Smart Cloud TV brand. The TV is popular in Russia, China and the United Arab Emirates. The issue lies in the `openLiveURL()` function, which the TV uses to fetch streaming content. An attacker could gain remote access by chaining together an exploit for home routers with the TV flaw. The vulnerability remains unpatched; Mishra said that he couldn t find a way to contact the vendor.
Source: https://threatpost.com/smart-tv-bug-rogue-broadcasts/145275/