CVE-2023-53773

MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tvaction.sh script that allows remote attackers to generate live stream snapshots through the Simple VDR Protocol. Attackers can request /tpl/tvaction.sh to create and retrieve a live TV screenshot stored in /var/www/images/tv.jpg...

CVE-2023-53772

MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device...

EUVD-2023-60180

MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device...

CVE-2023-53772

MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device...

CVE-2023-53771

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEMPASSWORD parameters to reset root credentials...

CVE-2023-53770

MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows remote attackers to access sensitive system configuration files through a direct object reference. Attackers can exploit the backup download endpoint by sending a GET request with 'action=getconfig' to...

CVE-2023-53774

MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk record...

CVE-2023-53774 MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code Execution

MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk record...

PT-2025-50269

Name of the Vulnerable Software and Affected Versions MiniDVBLinux version 5.4 Description MiniDVBLinux version 5.4 contains a flaw that allows attackers to read sensitive system files. This is possible through the 'file' GET parameter on the about page, enabling disclosure of arbitrary file...

PT-2025-50271

Name of the Vulnerable Software and Affected Versions MiniDVBLinux version 5.4 Description MiniDVBLinux 5.4 contains a remote code execution issue in the SVDRP protocol. This allows remote attackers to send commands to manipulate TV systems. Specifically, crafted SVDRP commands sent through the...

PT-2025-50268

Name of the Vulnerable Software and Affected Versions MiniDVBLinux version 5.4 Description The software contains a flaw that allows remote attackers to bypass authentication and modify the root password. This is achieved by sending specially crafted POST requests to the system setup endpoint,...