Minidvblinux
1 CVEs
product
Monthly
MiniDVBLinux version 5.4 and earlier contains an unauthenticated OS command injection in the web-based management interface. The DVB streaming platform fails to sanitize user input before passing it to operating system commands, enabling remote attackers to execute arbitrary commands on the media server.
Command Injection
Minidvblinux
NVD
Exploit-DB
CVSS 3.1
9.8
EPSS
17.7%
Threat
4.0
CVE-2025-25038
EPSS 18%
4.0
CVSS 9.8
CRITICAL
POC
THREAT
Emergency
MiniDVBLinux version 5.4 and earlier contains an unauthenticated OS command injection in the web-based management interface. The DVB streaming platform fails to sanitize user input before passing it to operating system commands, enabling remote attackers to execute arbitrary commands on the media server.
Command Injection
Minidvblinux
NVD
Exploit-DB