Refine your search
2 vulnerabilities found for Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit by MiniDVBLinux
CVE-2023-53774 (GCVE-0-2023-53774)
Vulnerability from nvd
Published
2025-12-09 20:56
Modified
2025-12-09 20:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MiniDVBLinux | Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit |
Version: <=5.4 |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit",
"vendor": "MiniDVBLinux",
"versions": [
{
"status": "affected",
"version": "\u003c=5.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.\u003c/p\u003e"
}
],
"value": "MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:56:46.780Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-51093",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/51093"
},
{
"name": "SVDRP Documentation",
"tags": [
"media-coverage"
],
"url": "https://www.linuxtv.org/vdrwiki/index.php/SVDRP#The_commands"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2022-5714)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5714.php"
},
{
"name": "MiniDVBLinux Product Homepage",
"tags": [
"product"
],
"url": "https://www.minidvblinux.de"
},
{
"name": "VulnCheck Advisory: MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code Execution",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/minidvblinux-simple-videodiskrecorder-protocol-remote-code-execution"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code Execution",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2023-53774",
"datePublished": "2025-12-09T20:56:46.780Z",
"dateReserved": "2025-12-08T15:40:56.296Z",
"dateUpdated": "2025-12-09T20:56:46.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-53774 (GCVE-0-2023-53774)
Vulnerability from cvelistv5
Published
2025-12-09 20:56
Modified
2025-12-09 20:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| MiniDVBLinux | Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit |
Version: <=5.4 |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit",
"vendor": "MiniDVBLinux",
"versions": [
{
"status": "affected",
"version": "\u003c=5.4"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.\u003c/p\u003e"
}
],
"value": "MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T20:56:46.780Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-51093",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/51093"
},
{
"name": "SVDRP Documentation",
"tags": [
"media-coverage"
],
"url": "https://www.linuxtv.org/vdrwiki/index.php/SVDRP#The_commands"
},
{
"name": "Zero Science Lab Disclosure (ZSL-2022-5714)",
"tags": [
"third-party-advisory"
],
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5714.php"
},
{
"name": "MiniDVBLinux Product Homepage",
"tags": [
"product"
],
"url": "https://www.minidvblinux.de"
},
{
"name": "VulnCheck Advisory: MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code Execution",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/minidvblinux-simple-videodiskrecorder-protocol-remote-code-execution"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code Execution",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2023-53774",
"datePublished": "2025-12-09T20:56:46.780Z",
"dateReserved": "2025-12-08T15:40:56.296Z",
"dateUpdated": "2025-12-09T20:56:46.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}