On Supra Smart Cloud TVs
For an attack, it is enough to send a specially designed network request that does not require authentication. In particular, you can call the "/remote/media_control?action=setUri&uri=" handler by specifying the URL of the m3u8 file with video parameters, for example "http://192.168.1.155/remote/media_control?action=setUri&uri=http://attacker .com/fake_broadcast_message.m3u8".
In most cases, access to the IP address of the TV is limited to the internal network, but since the request is sent via HTTP, it is possible to use methods to access internal resources when the user opens a specially designed external page (for example, under the guise of requesting an image or using the method
Source: opennet.ru