Primary

Context

MiniDVBLinux Arbitrary File Read Vulnerability

Vulnerability

An arbitrary file disclosure vulnerability exists in MiniDVBLinux version 5.4. This vulnerability allows attackers to read sensitive system files by exploiting the 'file' GET parameter on the about page. The issue arises from improper validation of file paths, enabling the disclosure of arbitrary file contents on the affected device.

Impact

Exploitation of this vulnerability leads to unauthorized access to sensitive system information and files on the affected device.

Reproduction

To reproduce this vulnerability, send a GET request to the about page with the 'file' parameter set to the path of the file to be disclosed. The response will include the contents of the specified file, revealing sensitive information from the system.

Added: Dec 9, 2025, 9:44 PM

Updated: Dec 9, 2025, 9:44 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

1.3

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

1.3

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MiniDVBLinux Arbitrary File Read Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating