A security researcher has revealed that she was able to gain access to several internal FIFA platforms due to a basic security flaw, giving her full control over the TV stream of every World Cup match.
The researcher, known as BobDaHacker, said she registered as a player agent on FIFA’s official agent registration platform.
That account, combined with a vulnerability in FIFA’s back-end API, which failed to properly verify user authorization, allowed her to access multiple internal systems.
This included the system that enables broadcasters to determine what is displayed on viewers’ television screens worldwide, as well as what appears on commentators’ monitors while they narrate live matches, according to the researcher.
BobDaHacker reported the vulnerability on Tuesday night (Japan time), and FIFA reportedly patched the issue within a few hours.
“A single attacker could hijack every camera simultaneously. An attacker could have rickrolled the entire FIFA World Cup,” BobDaHacker wrote in a blog post published on Tuesday.
However, the researcher said the organisation did not publicly acknowledge her disclosure.
FIFA did not immediately respond to a request for comment.
