Vulnerability in Minidvblinux Minidvblinux(tm) Distribution (Mld)

CVE-2023-53770

MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows remote attackers to access sensitive system configuration files through a direct object reference. Attackers can exploit the backup download endp…

EPSS: 0.004 (57.9th percentile) — read the EPSS interpretation.

Affected products

Minidvblinux Minidvblinux(tm) Distribution (Mld) — versions <=5.4

Weakness classification (CWE)

CWE-260

References

ExploitDB-51091 (exploit)
Official Product Homepage (product)
Zero Science Lab Disclosure (ZSL-2022-5713) (third-party-advisory)
VulnCheck Advisory: MiniDVBLinux 5.4 Unauthenticated Configuration Download via Backup Endpoint (third-party-advisory)