This Metasploit module exploits an unauthenticated remote file inclusion which exists in Supra Smart Cloud TV. The media control for the device doesnt have any session management or authentication. Leveraging this, an attacker on the local network can send a crafted request to broadcast a fake video.
4f628334a1d4a905d86ed3e418a091bc45e99144a8e83f1ac6d4d534bdfe0adf