{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-25038", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-01-31T18:32:36.214Z", "datePublished": "2025-06-20T18:36:09.946Z", "dateUpdated": "2026-05-14T02:07:21.867Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Web Management Interface", "/?site=about&file= parameter"], "product": "MiniDVBLinux", "vendor": "MiniDVBLinux", "versions": [{"lessThanOrEqual": "5.4", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Gjoko Krstic"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system\u2019s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device. Exploitation evidence was observed by the Shadowserver Foundation on 2024-04-10 UTC."}], "value": "An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system\u2019s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-04-10 UTC."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-14T02:07:21.867Z"}, "references": [{"tags": ["third-party-advisory", "exploit"], "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5717.php"}, {"tags": ["third-party-advisory", "exploit"], "url": "https://www.exploit-db.com/exploits/51096"}, {"tags": ["third-party-advisory"], "url": "https://www.fortiguard.com/encyclopedia/ips/52454"}, {"tags": ["third-party-advisory", "exploit"], "url": "https://cxsecurity.com/issue/WLB-2022100039"}, {"tags": ["third-party-advisory", "exploit"], "url": "https://packetstormsecurity.com/files/168744/"}, {"tags": ["product"], "url": "https://www.minidvblinux.de"}, {"tags": ["third-party-advisory"], "url": "https://vulncheck.com/advisories/minidvblinux-command-injection"}], "source": {"discovery": "UNKNOWN"}, "tags": ["x_known-exploited-vulnerability"], "title": "MiniDVBLinux Root Command Injection", "x_generator": {"engine": "Vulnogram 0.2.0"}, "datePublic": "2023-03-27T00:00:00.000Z"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-23T20:34:16.702497Z", "id": "CVE-2025-25038", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-23T20:34:31.585Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-25038", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-23T20:34:16.702497Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-23T20:34:25.969Z"}}], "cna": {"tags": ["x_known-exploited-vulnerability"], "title": "MiniDVBLinux Root Command Injection", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Gjoko Krstic"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MiniDVBLinux", "modules": ["Web Management Interface", "/?site=about&file= parameter"], "product": "MiniDVBLinux", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "5.4"}], "defaultStatus": "unaffected"}], "datePublic": "2023-03-27T00:00:00.000Z", "references": [{"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5717.php", "tags": ["third-party-advisory", "exploit"]}, {"url": "https://www.exploit-db.com/exploits/51096", "tags": ["third-party-advisory", "exploit"]}, {"url": "https://www.fortiguard.com/encyclopedia/ips/52454", "tags": ["third-party-advisory"]}, {"url": "https://cxsecurity.com/issue/WLB-2022100039", "tags": ["third-party-advisory", "exploit"]}, {"url": "https://packetstormsecurity.com/files/168744/", "tags": ["third-party-advisory", "exploit"]}, {"url": "https://www.minidvblinux.de", "tags": ["product"]}, {"url": "https://vulncheck.com/advisories/minidvblinux-command-injection", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system\u2019s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-04-10 UTC.", "supportingMedia": [{"type": "text/html", "value": "An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system\u2019s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device. Exploitation evidence was observed by the Shadowserver Foundation on 2024-04-10 UTC.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-14T02:07:21.867Z"}}}, "cveMetadata": {"cveId": "CVE-2025-25038", "state": "PUBLISHED", "dateUpdated": "2026-05-14T02:07:21.867Z", "dateReserved": "2025-01-31T18:32:36.214Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-06-20T18:36:09.946Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:minidvblinux:minidvblinux:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D9CAD03-85CC-41CC-B745-371250902E61", "versionEndIncluding": "5.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system\u2019s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device.\u00a0Exploitation evidence was observed by the Shadowserver Foundation on 2024-04-10 UTC."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el sistema operativo MiniDVBLinux versi\u00f3n 5.4 y anteriores. La interfaz de administraci\u00f3n web del sistema no depura correctamente la entrada del usuario antes de pasarla a los comandos del sistema operativo. Un atacante remoto no autenticado puede explotar esta vulnerabilidad para ejecutar comandos arbitrarios como usuario root, lo que podr\u00eda comprometer todo el dispositivo."}], "id": "CVE-2025-25038", "lastModified": "2025-12-22T17:46:41.027", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2025-06-20T19:15:36.050", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://cxsecurity.com/issue/WLB-2022100039"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://packetstormsecurity.com/files/168744/"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://vulncheck.com/advisories/minidvblinux-command-injection"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/51096"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.fortiguard.com/encyclopedia/ips/52454"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://www.minidvblinux.de"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5717.php"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T01:24:26.221635+00:00", "value": {"mitigation_remediation": ["Update the device firmware to a version newer than 5.4, or apply the vendor\u2019s patch if available.", "Restrict the web management interface to a trusted internal subnet or VPN, and block all external access unless necessary.", "Enable logging and monitoring of shell command execution, and set up alerts for unexpected root activity."], "summary": {"action": "Immediate patch", "impact": "Remote code execution as root"}, "threat_synthesis": {"affected_systems": "MiniDVBLinux devices running version 5.4 or earlier are affected. The vulnerability exists in the publicly accessible web management interface of all affected installations, regardless of network placement. No specific vendor folder other than MiniDVBLinux.", "description_and_impact": "An OS command injection flaw in MiniDVBLinux allows a remote, unauthenticated attacker to supply unsanitized input that is passed directly to the system shell. Because the web\u2011based management interface executes commands with root privileges, the vulnerability gives full control over the device, including modifying configurations, installing backdoors, or disabling services. The weakness corresponds to CWE\u201178 and can lead to complete compromise of the target.", "risk_and_exploitability": "The flaw carries a CVSS score of 9.3 and an EPSS of 29\u202f%, indicating both high severity and a relatively high likelihood of exploitation. The attack can be carried out from any network connected to the management interface without authentication, enabling the execution of arbitrary commands as root. Because the vulnerability is already public and has been used in the wild, the risk is immediate and significant; the addition of the 29\u202f% EPSS score further emphasizes that exploitation is expected to occur soon."}}}}, "created": "2026-04-28T01:30:17.922398+00:00", "updated": "2026-04-28T01:30:17.922416+00:00", "vendors": []}