9.8
CVE-2023-53774
- EPSS 0.79%
- Veröffentlicht 09.12.2025 20:56:46
- Zuletzt bearbeitet 19.12.2025 19:16:19
- Quelle disclosure@vulncheck.com
- CVE-Watchlists
- Unerledigt
LoginMiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code Execution
MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Minidvblinux ≫ Minidvblinux Version <= 5.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.79% | 0.516 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| disclosure@vulncheck.com | 6.9 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
https://www.minidvblinux.de
https://www.exploit-db.com/exploits/51093
https://www.linuxtv.org/vdrwiki/index.php/SVDRP#The_commands
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5714.php
https://www.vulncheck.com/advisories/minidvblinux-simple-videodiskrecorder-protocol-remote-code-execution