CVE-2023-53771

Sažetak

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to change the root password without authentication. Attackers can send crafted POST requests to the system setup endpoint with modified SYSTEM_PASSWORD parameters to reset root credentials.

Reference

https://www.exploit-db.com/exploits/51094
https://www.minidvblinux.de
https://www.vulncheck.com/advisories/minidvblinux-unauthenticated-root-password-change-via-system-setup
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5715.php

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

19-12-2025 - 19:21

Objavljeno

09-12-2025 - 21:15