{"id":54652,"date":"2023-11-22T15:02:42","date_gmt":"2023-11-22T15:02:42","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35222\/Netflix-Bug-That-Opened-Smart-TVs-To-Attacks-Is-Detailed-4-Years-Later.html"},"modified":"2023-11-22T15:02:42","modified_gmt":"2023-11-22T15:02:42","slug":"netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/","title":{"rendered":"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/11\/video-streaming.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A bug in Netflix\u2019s screencast protocol allowed hackers to hijack video streams and \u201cRickroll\u201d unassuming victims, or worse. The bug, which impacted the DIAL protocol created by Netflix and Alphabet\u2019s YouTube, was patched in 2019. Last week the researcher who discovered the vulnerability, Yunus \u00c7adirci, released the <a href=\"https:\/\/github.com\/yunuscadirci\/DIALStranger\">technical specifics of the vulnerability<\/a> for the first time at Black Hat Middle East and Africa.&nbsp; &nbsp;<\/p>\n<p>The flaw, dubbed DIALStranger, affects TVs, game consoles and any hardware that is discoverable to a nearby device in a local network that also supports the DIAL protocol.<\/p>\n<p>The researcher told SC Media that he waited years to disclose the vulnerability to allow vendors to phase out or implement fixes on effected hardware. \u201cI decided to wait a couple of years for devices to be updated to be aligned with protocol changes and browsers became more secure,\u201d he said.<\/p>\n<h2>DIAL lacked basic IOT security features<\/h2>\n<p>The <a href=\"https:\/\/www.dial-multiscreen.org\/\">DIAL protocol<\/a> was developed by Netflix and YouTube, with collaboration from Sony and Samsung, and allows easy screen casting between devices connected to the same local network. The protocol allows pairing without authentication. The protocol shortens the process for multi-screen video sharing from seven steps to just two steps, allowing \u201csecond screen\u201d devices such as smartphones to discover and launch playback commands to \u201cfirst screen\u201d devices like smart TVs.<\/p>\n<p>\u201cI found [the] protocol doesn\u2019t cover some basic security features and most of [the] TV vendors didn\u2019t implement [the] protocol correctly,\u201d \u00c7adirci wrote on GitHub. \u201cHackers can play any video on the TVs with or without user interaction.\u201d<\/p>\n<p>\u00c7adirci, an IT security architect at D360 Bank, found that DIAL automatically trusted the local network and made service URLs of first screen devices readily available to devices that discovered them. Using Masscan, a TCP port scanner, and similar tools to locate unsecured devices online, \u00c7adirci determined more than a million of these exposed URLs could be exploited by malicious actors to remotely control screens.<\/p>\n<h2>Delivering a Rickroll payload<\/h2>\n<p>At Black Hat, \u00c7adirci demonstrated how DIALStranger could be used to play an unexpected video \u2013 in this case, a \u201cRickroll\u201d \u2013 on an LG smart TV. He also said he successfully used the vulnerability to exploit an Xbox One console and a Philips smart TV in 2019.<\/p>\n<p>Beyond pranks and mischief, DIALStranger could be used to spread propaganda, or to profit from paid ads by commandeering hundreds of thousands of devices to rack up views for a particular video, \u00c7adirci said. The vulnerability would be especially troublesome for large offices or malls with many devices on the same local area network, he added.<\/p>\n<h2>The arduous task of patching IoT devices<\/h2>\n<p>Smart TVs and other first screen devices are safer now than they were in 2019, said \u00c7adirci, who previously discovered <a href=\"https:\/\/www.scmagazine.com\/news\/callstranger-bug-in-billions-of-devices-allows-data-exfiltration-dos-attacks\">a vulnerability called CallStranger<\/a> in the Universal Plug and Play (UPnP) protocol that DIAL relies on. He told SC Media his experience with CallStranger showed him that it can take years for such IOT vulnerabilities to be reasonably resolved.<\/p>\n<p>\u201cThis research started 2019 simultaneously with CallStranger CVE-2020-12695 and I saw fixing protocol vulnerabilities related to IoT is one of the hardest things in cyber security,\u201d \u00c7adirci said. \u201cMost of [the] devices are not getting updates and vendors are providing updates for just latest devices.\u201d<\/p>\n<h2>Netflix\u2019s fix for DIAL<\/h2>\n<p>\u00c7adirci first provided his DIALStranger report to Netflix in January 2020, and Netflix updated the protocol in August the same year. <a href=\"https:\/\/www.dial-multiscreen.org\/dial\/announcements\/dial-specification-2-2-1-released\">The latest version<\/a> beefs up security checks around the protocol\u2019s CORS mechanism that previously failed to insulate devices from all potential attack vectors.<\/p>\n<p>In the last four years, device vendors have also mitigated the problem in several ways, including by implementing DIAL updates or adopting more secure protocols.<\/p>\n<p>\u201cFor example, Microsoft Xbox added randomization to DIAL URL against spraying,\u201d \u00c7adirci said. \u201cEven if we bypass CORS, this randomization will help to be secure.\u201d<\/p>\n<p>Additionally, modern browsers no longer allow FTP document loading in iframe, a method that could previously be used to bypass CORS access controls. Browsers have also largely disabled WebRTC local IP disclosure, which made it easier for bad actors to locate vulnerable devices.<\/p>\n<h2>How smart is your TV?<\/h2>\n<p>Along with his report, \u00c7adirci made a tool called DIAL Scanner available on his GitHub page, which sends an M-SEARCH SSDP request to identify all DIAL devices on a network. He further offers a <a href=\"http:\/\/tester.dialstranger.com\/DialStranger.html\">DIAL CORS testing website<\/a> that network managers can use to see if their DIAL devices are vulnerable to exploitation.<\/p>\n<p>Even after four years, however, \u201cwe are not fully secure,\u201d wrote \u00c7adirci, who <a href=\"https:\/\/twitter.com\/yunuscadirci\">shared on X<\/a> how he used DIAL Scanner to locate over a dozen DIAL devices at his hotel on Monday. He noted that many older DIAL devices will likely never be updated.<\/p>\n<p>\u201cTo be honest this is not a technical problem, it is a business decision,\u201d \u00c7adirci told SC Media. \u201cVendors generally assigning developers to new device related tasks and old devices stay without any responsible team.\u201d<\/p>\n<p>He added that in working with embedded software development companies, he saw internal teams lose access to old development boards and toolchains within 4-5 years after device deployment, which prevented them from patching of older firmware. &nbsp;<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35222\/Netflix-Bug-That-Opened-Smart-TVs-To-Attacks-Is-Detailed-4-Years-Later.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":54653,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[968],"class_list":["post-54652","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-22T15:02:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/11\/video-streaming.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later\",\"datePublished\":\"2023-11-22T15:02:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/\"},\"wordCount\":873,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later.jpg\",\"keywords\":[\"headline,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/\",\"name\":\"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later.jpg\",\"datePublished\":\"2023-11-22T15:02:42+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later.jpg\",\"width\":800,\"height\":450},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/","og_locale":"en_US","og_type":"article","og_title":"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-11-22T15:02:42+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/11\/video-streaming.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later","datePublished":"2023-11-22T15:02:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/"},"wordCount":873,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later.jpg","keywords":["headline,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/","url":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/","name":"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later.jpg","datePublished":"2023-11-22T15:02:42+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later.jpg","width":800,"height":450},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/netflix-bug-that-opened-smart-tvs-to-attacks-is-detailed-4-years-later\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineflaw\/"},{"@type":"ListItem","position":3,"name":"Netflix Bug That Opened Smart TVs To Attacks Is Detailed, 4 Years Later"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54652","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=54652"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54652\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/54653"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=54652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=54652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=54652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}