CVE-2025-55971
BaseFortify
Publication date: 2025-10-03
Last updated on: 2025-10-15
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tcl | 65c655_firmware | v8-r75pt01-lf1v269.001116 |
| tcl | 65c655 | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a blind, unauthenticated Server-Side Request Forgery (SSRF) in the TCL 65C655 Smart TV's UPnP MediaRenderer service. An attacker can send unauthenticated requests to the TV's AVTransport service, causing the TV to fetch attacker-controlled external URIs. This allows the attacker to make the TV send requests on their behalf to internal or external network services, potentially probing or exploiting other systems accessible from the TV.
How can this vulnerability impact me?
The vulnerability can allow an attacker to use the TV to send requests to internal network services or external internet targets without authentication. This can be used to probe internal networks, discover services, or launch further attacks, potentially leading to unauthorized access or exploitation of other devices or services accessible from the TV.
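A defender-side check for the behaviour described in the two answers above, as an added example (not BaseFortify's or TCL's code): it reviews a captured SOAP control request to the AVTransport service and reports requests from unapproved control points and URI arguments that point the TV at hosts outside an approved media-server list. The action and argument names come from the standard UPnP AVTransport:1 service and are an assumption, since the record does not name them; the addresses, allow-lists and sample capture are constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Standard UPnP AVTransport:1 names (assumption: the CVE record does not name the action).
AVT_NS = "{urn:schemas-upnp-org:service:AVTransport:1}"
URI_ARGS = {"CurrentURI", "NextURI"}

def classify_target(uri):
    """Return (label, host) for where the renderer would connect to fetch `uri`."""
    try:
        host = urlsplit(uri).hostname
    except ValueError:  # e.g. malformed IPv6 literal
        host = None
    if not host:
        return "unparseable", host
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "hostname", host  # DNS name; resolve separately before trusting it
    if ip.is_loopback or ip.is_link_local:
        return ("loopback" if ip.is_loopback else "link-local"), host
    return ("internal" if ip.is_private else "external"), host

def review_request(src_ip, soap_body, controllers, media_hosts):
    """Findings for one captured SOAP POST to the TV's AVTransport control URL."""
    if "<!DOCTYPE" in soap_body.upper():
        return ["rejected: DTD in SOAP body"]  # SOAP messages must not carry a DTD
    try:
        root = ET.fromstring(soap_body)
    except ET.ParseError:
        return ["rejected: malformed XML"]
    findings = []
    for action in (e for e in root.iter() if e.tag.startswith(AVT_NS)):
        if src_ip not in controllers:
            findings.append(f"{src_ip} is not an approved control point")
        for arg in action:
            uri = (arg.text or "").strip()
            if arg.tag in URI_ARGS and uri:
                label, host = classify_target(uri)
                if host not in media_hosts:
                    findings.append(f"{arg.tag} points at {label} host {host}")
    return findings

# Constructed capture (not from the CVE record): control request naming an internal address.
SAMPLE = """<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>
<u:SetAVTransportURI xmlns:u="urn:schemas-upnp-org:service:AVTransport:1">
<InstanceID>0</InstanceID><CurrentURI>http://192.168.1.1/</CurrentURI>
</u:SetAVTransportURI></s:Body></s:Envelope>"""
```

Because the SSRF is blind and unauthenticated, the TV itself gives no signal; this kind of review has to run on traffic captured at a switch mirror port or a gateway between the TV's segment and the rest of the network.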