Back to search
CVE-2023-53770
Published: Dec 9, 2025
Modified: Apr 7, 2026
PUBLISHED
Description
MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows remote attackers to access sensitive system configuration files through a direct object reference. Attackers can exploit the backup download endpoint by sending a GET request with 'action=getconfig' to retrieve a complete system configuration archive containing sensitive credentials.
| Vendor | Product | Versions |
|---|---|---|
MiniDVBLinux | MiniDVBLinux(TM) Distribution (MLD) | affected <=5.4 |
Weaknesses (CWE)
References
ExploitDB-51091
exploit
Official Product Homepage
product
Zero Science Lab Disclosure (ZSL-2022-5713)
third-party-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now