The NETGEAR NTV300 (NeoTV) contains a flaw that may allow a physically proximate attacker to gain access to the device. The issue is due to the system() and popen() system calls using the device SSID and encryption key values as part of their function. These values are user controllable, and can be injected via the TV's remote control. For example, setting the SSID to 'reboot' and submitting it will cause the device to reboot. Using a more complex set of injections, an attacker can create a script that will execute arbitrary commands, such as a limited shell, or enable the Telnet server (which is not enabled by default).
Physical Access Required,
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.