CVE-2023-53774

Published: Dec 9, 2025Modified: Dec 19, 2025

6.9

Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Show more

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: disclosure@vulncheck.com (Secondary)

Description

MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.

Affected (1)

Products: Minidvblinux: Minidvblinux

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Minidvblinux Minidvblinux	Up to 5.4

Related CWEs

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (5)

https://www.exploit-db.com/exploits/51093

Source: disclosure@vulncheck.com

ExploitThird Party AdvisoryVDB Entry

https://www.linuxtv.org/vdrwiki/index.php/SVDRP#The_commands

Source: disclosure@vulncheck.com

Not Applicable

https://www.minidvblinux.de

Source: disclosure@vulncheck.com

Product

https://www.vulncheck.com/advisories/minidvblinux-simple-videodiskrecorder-protocol-remote-code-execution

Source: disclosure@vulncheck.com

Third Party Advisory

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5714.php

Source: disclosure@vulncheck.com

ExploitThird Party Advisory

Timeline

No history available yet.