Description

The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration (74 endpoints) and writing/modifying settings including volume, mute, brightness, power, network protocols enable/disable (including TELNET), display modes, and other projector functions. Any device on the same network can control the projector without authentication.

INFO

Published Date :

2026-05-07T00:00:00.000Z

Last Modified :

2026-05-07T13:17:48.414Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2026-30496 vulnerability.

Vendors Products
Optoma
  • Cinemax P2
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-30496.

URL Resource
https://whitelabel.org/security/2026-02-01-smart-projector/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System