Digea Digital Provider S.A. is one company established by the national private TV channels ALPHA, ALTER, ANTENNA, MACEDONIA TV, MEGA, SKAI and STAR.
On February 7, 2014, it was declared the winner for all the rights to use radio frequencies for national and regional coverage. The company's goal was to build the country's terrestrial digital network and complete the transition from analog to digital television signal.
Μέχρι το τέλος του 2013 η εταιρεία ενεργοποίησε 13 κέντρα εκπομπής ανά την Greece, δίνοντας πρόσβαση στο ελεύθερο επίγειο ψηφιακό τηλεοπτικό σήμα σε πάνω από το 70% του πληθυσμού της χώρας.
With the completion of the terrestrial digital switchover, 156 broadcast centers were activated, covering the 95% of the Greek population with a digital signal.
The company's achievements are impressive, but according to our well-known researcher Nyo (GHS), the official website of Digea allows malicious or non-malicious users of Cross-site scripting or XSS.
The malicious user could:
Trap bills and personal data
Change website settings
Raise false ads through a link
Η vulnerability refers to the system's inability to filter and reject any harmful inputs.
Look at them screenshots sent to us by Nyo
According to the researcher released the XSS as a response to video "MEGA - DIGEA threatens with black!"
The video states that “according to information the Board of Directors of Digea has decided to proceed with weakening the station's signal despite the fact that negotiations are ongoing between shareholders and banks to find a solution. This means that either a "broken" image with pixels will be displayed, or a "frozen" image and only sound will be heard."
He also says that XSS was not publicized to support a private channel but the end-user viewer.