# Tivo System - Useful Code Anomaly?



## Wil (Sep 27, 2002)

Courtesy of "pdd":

A bug has been found affecting many Unix environments.

https://securityblog.redhat.com/201...-environment-variables-code-injection-attack/

Here is an associated proof of concept that might work with TiVos or another avenue would be via the built in web interface for browsing shows.

https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/

pdd tested his modded TiVo Series 3 and found it susceptible.


----------



## BiloxiGeek (Nov 18, 2001)

Your links got borked up somehow.


----------



## Wil (Sep 27, 2002)

BiloxiGeek said:


> Your links got borked up somehow.


Thanks. Fixed.
Should they break again somehow, it should be obvious to the type of interested people reading here where "pdd" would be hanging out, and the links are in his post there.


----------

