CVE-2023-53774

Medienbericht

Exploit

EPSS 1.81%
Veröffentlicht 09.12.2025 20:56:46
Zuletzt bearbeitet 19.12.2025 19:16:19
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Minidvblinux ≫ Minidvblinux Version <= 5.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.81%	0.825

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	6.9	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

https://www.minidvblinux.de

Product

https://www.exploit-db.com/exploits/51093

Third Party Advisory

Exploit

VDB Entry

https://www.linuxtv.org/vdrwiki/index.php/SVDRP#The_commands

Not Applicable

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5714.php

Third Party Advisory

Exploit

https://www.vulncheck.com/advisories/minidvblinux-simple-videodiskrecorder-protocol-remote-code-execution