Filtered by vendor Minidvblinux Subscriptions

Search

Switch to Advanced Search (Beta)
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-53772 1 Minidvblinux 1 Minidvblinux 2025-12-10 N/A
MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device.
CVE-2023-53771 1 Minidvblinux 1 Minidvblinux 2025-12-10 N/A
MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEM_PASSWORD parameters to reset root credentials.
CVE-2023-53773 1 Minidvblinux 1 Minidvblinux 2025-12-10 N/A
MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tv_action.sh script that allows remote attackers to generate live stream snapshots through the Simple VDR Protocol. Attackers can request /tpl/tv_action.sh to create and retrieve a live TV screenshot stored in /var/www/images/tv.jpg without authentication.
CVE-2023-53770 1 Minidvblinux 1 Minidvblinux 2025-12-10 N/A
MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows remote attackers to access sensitive system configuration files through a direct object reference. Attackers can exploit the backup download endpoint by sending a GET request with 'action=getconfig' to retrieve a complete system configuration archive containing sensitive credentials.
CVE-2023-53774 1 Minidvblinux 1 Minidvblinux 2025-12-10 N/A
MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.