CVE-2023-53776

High CVSS: 8.7

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter.

Vendor

Dbbroadcast

Product

Sft Dab 600\/c Firmware

CWE

CWE-384

Yayın Tarihi

2025-12-10 22:16:19

Güncelleme

2026-01-02 13:50:21

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-384 Sft Dab 600\/c Firmware HIGH Dbbroadcast 2025

Referanslar

https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ https://www.exploit-db.com/exploits/51459 https://www.screen.it https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-session-management-weakness https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5775.php https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5775.php

Benzer Kayıtlar

Critical

CVE-2023-53967

Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the…

Critical

CVE-2023-53968

Screen SFT DAB 600/C Firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authenti…

Critical

CVE-2023-53969

Screen SFT DAB 600/C firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authenti…

High

CVE-2023-53970

Screen SFT DAB 600/C Firmware 1.9.3 contains a weak session management vulnerability that allows attackers to bypass aut…

High

CVE-2023-53775

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change user passwords by e…

High

CVE-2023-53740

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password…