
MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit

Zero Science Lab

Title: MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit
Advisory ID: ZSL-2022-5714
Type: Local/Remote
Impact: Security Bypass, System Access, DoS
Risk: (5/5)
Release Date: 16.10.2022

Summary

MiniDVBLinux™ Distribution (MLD). MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder (VDR) by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay, Setup and configuration via browser, and a lot more. MLD strives to be as small as possible, modular, simple. It supports numerous hardware platforms, like classic desktops in 32/64bit and also various low power ARM systems.

Description

The application allows a remote attacker to send SVDRP protocol commands and thereby manipulate and/or remotely control the TV.

Vendor

MiniDVBLinux - https://www.minidvblinux.de

Affected Version

<=5.4

Tested On

MiniDVBLinux 5.4
BusyBox v1.25.1
Architecture: armhf, armhf-rpi2
GNU/Linux 4.19.127.203 (armv7l)
VideoDiskRecorder 2.4.6

Vendor Status

[24.09.2022] Vulnerability discovered.
[27.09.2022] Vendor contacted.
[15.10.2022] No response from the vendor.
[16.10.2022] Public security advisory released.

PoC

mldhd_svdrp.txt

Credits

Vulnerability discovered by Gjoko Krstic - <[email protected]>

References

N/A

Changelog

[16.10.2022] - Initial release

Contact

Zero Science Lab

Web: https://www.zeroscience.mk
e-mail: [email protected]
