CVE-2025-25038

CRITICAL EXPLOITED

MiniDVBLinux <5.4 - Command Injection

Title source: llm

Exploitation Summary

CVE-2025-25038 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a command injection vulnerability in MiniDVBLinux 5.4, allowing remote execution of arbitrary commands with root privileges via the 'file' parameter in the 'about' site endpoint. The PoC uses a simple HTTP GET request with command substitution to achieve RCE.

Description

An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system’s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device. Exploitation evidence was observed by the Shadowserver Foundation on 2024-04-10 UTC.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · pythonremotehardware

https://www.exploit-db.com/exploits/51096

View Code ZIP pw:eip

This exploit demonstrates a command injection vulnerability in MiniDVBLinux 5.4, allowing remote execution of arbitrary commands with root privileges via the 'file' parameter in the 'about' site endpoint. The PoC uses a simple HTTP GET request with command substitution to achieve RCE.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: MiniDVBLinux <=5.4

No auth needed

Prerequisites: Network access to the target's web interface on port 8008

MITRE ATT&CK