CVE-2023-53774

CRITICAL

MiniDVBLinux < 5.4 - Unauthenticated Remote Code Execution via SVDRP Protocol

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-53774. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates remote code execution (RCE) in MiniDVBLinux 5.4 via the SVDRP protocol by sending a crafted command through the `svdrpsend.sh` script. The PoC uses a simple `curl` command to send a message to the TV screen, confirming vulnerability.

Description

MiniDVBLinux 5.4 contains a remote code execution vulnerability in the SVDRP protocol that allows remote attackers to send commands to manipulate TV systems. Attackers can send crafted SVDRP commands through the svdrpsend.sh script to execute messages and potentially control the video disk recorder remotely.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textremotehardware

https://www.exploit-db.com/exploits/51093

View Code ZIP pw:eip

This exploit demonstrates remote code execution (RCE) in MiniDVBLinux 5.4 via the SVDRP protocol by sending a crafted command through the `svdrpsend.sh` script. The PoC uses a simple `curl` command to send a message to the TV screen, confirming vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: MiniDVBLinux <=5.4

No auth needed

Prerequisites: Network access to the target's SVDRP service (port 8008)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit, Third Party Advisory, VDB Entry exploit

https://www.exploit-db.com/exploits/51093

Not Applicable media-coverage

https://www.linuxtv.org/vdrwiki/index.php/SVDRP#The_commands

Exploit, Third Party Advisory third-party-advisory

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5714.php

Product product

https://www.minidvblinux.de

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/minidvblinux-simple-videodiskrecorder-protocol-remote-code-execution

Scores

CVSS v3 9.8

EPSS 0.0079

EPSS Percentile 51.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-306

Status published

Products (2)

minidvblinux/minidvblinux < 5.4

MiniDVBLinux/Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit <=5.4

Published Dec 09, 2025

Tracked Since Feb 18, 2026