CVE-2023-53772

HIGH

MiniDVBLinux 5.4 - Info Disclosure

Title source: llm

Description

MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · pythonremotehardware

https://www.exploit-db.com/exploits/51097

View Code ZIP pw:eip

References (4)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/51097

[Product] https://www.minidvblinux.de

[Third Party Advisory] https://www.vulncheck.com/advisories/minidvblinux-arbitrary-file-read-vulnerability-via-about-page

[Exploit, Third Party Advisory] https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5719.php

Scores

CVSS v3 7.5

EPSS 0.0088

EPSS Percentile 75.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-22

Status published

Affected Products (1)

minidvblinux/minidvblinux < 5.4

Timeline

Published Dec 09, 2025

Tracked Since Feb 18, 2026