Key Information Vulnerability Title: MiniDVBLinux 5.4 Remote Root Command Injection Vulnerability Advisor ID: ZSL-2022-5717 Type: Local/Remote Impact: System Access, DoS Risk: (5/5) Release Date: 16.10.2022 Summary MiniDVBLinux(TM) Distribution (MLD) is a Linux distribution based on Video Disk Recorder (VDR), provided by Klaus Schmidinger. It offers a simple way to convert a standard PC into a multimedia center. Description The application contains an operating system command injection vulnerability. This can be exploited to execute arbitrary commands with root privileges. Vendor MiniDVBLinux - https://www.minidvblinux.de Affected Versions References 1. https://packetstormsecurity.com/files/168744/ 2. https://cxsecurity.com/issue/WLB-2022100049 3. https://www.exploit-db.com/exploits/51086 Change Log [16.10.2022] Initial release [04.12.2022] Added references [1] and [2] [10.04.2023] Added reference [3] Contact Zero Science Lab Website: https://www.zeroscience.mk Email: lab@zeroscience.mk