CVE-2023-53770— MiniDVBLinux 5.4 Unauthenticated Configuration Download via Backup Endpoint
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-53770
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MiniDVBLinux 5.4 Unauthenticated Configuration Download via Backup Endpoint
Source: NVD (National Vulnerability Database)
Vulnerability Description
MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows remote attackers to access sensitive system configuration files through a direct object reference. Attackers can exploit the backup download endpoint by sending a GET request with 'action=getconfig' to retrieve a complete system configuration archive containing sensitive credentials.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
配置文件中存储口令
Source: NVD (National Vulnerability Database)
Vulnerability Title
MiniDVBLinux 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MiniDVBLinux是德国MiniDVBLinux公司的一款多媒体中心软件。 MiniDVBLinux 5.4版本存在安全漏洞,该漏洞源于不安全的直接对象引用,可能导致配置泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| MiniDVBLinux | MiniDVBLinux(TM) Distribution (MLD) | <=5.4 | - |
II. Public POCs for CVE-2023-53770
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-53770
请登录查看更多情报信息。
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5713.phpthird-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-53770
Same Patch Batch · MiniDVBLinux · 2025-12-09 · 5 CVEs total
| CVE-2023-53774 | MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Code Execution | |
| CVE-2023-53773 | MiniDVBLinux 5.4 Unauthenticated Live Stream Disclosure via tv_action.sh | |
| CVE-2023-53772 | MiniDVBLinux 5.4 Arbitrary File Read Vulnerability via About Page | |
| CVE-2023-53771 | MiniDVBLinux 5.4 Unauthenticated Root Password Change via System Setup |
IV. Related Vulnerabilities
Same vendor: MiniDVBLinux
- CVE-2022-50691
MiniDVBLinux 5.4 Remote Root Command Execution via commands. - CVE-2023-53774
MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol Remote Co - CVE-2023-53773
MiniDVBLinux 5.4 Unauthenticated Live Stream Disclosure via - CVE-2023-53772
MiniDVBLinux 5.4 Arbitrary File Read Vulnerability via About - CVE-2023-53771
MiniDVBLinux 5.4 Unauthenticated Root Password Change via Sy
Same weakness: CWE-260
- CVE-2019-25465
Hisilicon HiIpcam V100R003 Information Disclosure via Direct - CVE-2025-15151
TaleLin Lin-CMS Tests Folder config.py password in configura - CVE-2023-53739
Tinycontrol LAN Controller v3 LK3 1.58a Unauthenticated Conf - CVE-2025-33119
IBM QRadar SIEM Information Disclosure - CVE-2025-36002
IBM Sterling B2B Integrator information disclosure
V. Comments for CVE-2023-53770
No comments yet