CVE-2023-53772

HIGH

MiniDVBLinux 5.4 - Info Disclosure

Title source: llm

Description

MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · pythonremotehardware

https://www.exploit-db.com/exploits/51097

View Code ZIP pw:eip

References (4)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/51097

[Product] https://www.minidvblinux.de

[Third Party Advisory] https://www.vulncheck.com/advisories/minidvblinux-arbitrary-file-read-vulnerability-via-about-page

[Exploit, Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5719.php

Scores

CVSS v3 7.5

EPSS 0.0097

EPSS Percentile 76.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (2)

minidvblinux/minidvblinux < 5.4

MiniDVBLinux/MiniDVBLinux <=5.4

Published Dec 09, 2025

Tracked Since Feb 18, 2026