2025-12-09 20:53:43
VulnCheck
PUBLISHED
MiniDVBLinux 5.4 contains an unauthenticated configuration download vulnerability that allows remote attackers to access sensitive system configuration files through a direct object reference. Attackers can exploit the backup download endpoint by sending a GET request with action=getconfig to retrieve a complete system configuration archive containing sensitive credentials.