exploitDog

CVE-2023-53773

Опубликовано: 09 дек. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tv_action.sh script that allows remote attackers to generate live stream snapshots through the Simple VDR Protocol. Attackers can request /tpl/tv_action.sh to create and retrieve a live TV screenshot stored in /var/www/images/tv.jpg without authentication.

Ссылки

https://www.exploit-db.com/exploits/51095
Exploit
Third Party Advisory
VDB Entry
https://www.minidvblinux.de
Product
https://www.vulncheck.com/advisories/minidvblinux-unauthenticated-live-stream-disclosure-via-tvactionsh
Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5716.php
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:minidvblinux:minidvblinux:*:*:*:*:*:*:*:*

Версия до 5.4 (включая)

EPSS

Процентиль: 69%

0.00597

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-306

Связанные уязвимости

GHSA-g24h-8xr2-34q6

CVSS3: 5.3

github

около 2 месяцев назад

MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tv_action.sh script that allows remote attackers to generate live stream snapshots through the Simple VDR Protocol. Attackers can request /tpl/tv_action.sh to create and retrieve a live TV screenshot stored in /var/www/images/tv.jpg without authentication.

EPSS

Процентиль: 69%

0.00597

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-306