Vulnerability Description
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dbbroadcast | Sft Dab 600\/C Firmware | 1.9.3 |
| Dbbroadcast | Sft Dab 600\/C | - |
Related Weaknesses (CWE)
References
- https://www.dbbroadcast.comProduct
- https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/Product
- https://www.exploit-db.com/exploits/51459ExploitThird Party Advisory
- https://www.screen.itProduct
- https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-seThird Party Advisory
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5775.phpThird Party Advisory
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5775.phpThird Party Advisory
FAQ
What is CVE-2023-53776?
CVE-2023-53776 is a vulnerability with a CVSS score of 8.8 (HIGH). Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized ...
How severe is CVE-2023-53776?
CVE-2023-53776 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-53776?
Check the references section above for vendor advisories and patch information. Affected products include: Dbbroadcast Sft Dab 600\/C Firmware, Dbbroadcast Sft Dab 600\/C.