← Back

Photo Sharing Plus

photo_sharing_plus

Vendor: Sony • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-11336
1Sony
1Photo Sharing Plus
Nov 21, 2024
May 14, 2019
N/A· v4
8.1 HIGH· v3
4.3 MEDIUM· v2
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a d...Show more
Sony Bravia Smart TV devices allow remote attackers to retrieve the static Wi-Fi password (used when the TV is acting as an access point) by using the Photo Sharing Plus application to execute a backdoor API command, a different vulnerability than CVE-2019-10886.Show less
CVE-2019-10886
1Sony
1Photo Sharing Plus
Nov 21, 2024
Apr 19, 2019
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary...Show more
An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware before PKG6.5629 version (for the X7500D TV and other applicable TVs). This vulnerability allows an attacker to read arbitrary files without authentication over HTTP when Photo Sharing Plus application is running. This may allow an attacker to browse a particular directory (e.g. images) inside the private network.Show less