Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for sft_dab_150\/c_firmware by dbbroadcast

    CVE-2023-53741 (GCVE-0-2023-53741)

    Vulnerability from nvd – Published: 2025-12-10 21:06 – Updated: 2026-04-07 14:06
    VLAI
    Title
    Screen SFT DAB 1.9.3 Authentication Bypass via IP Session Management
    Summary
    Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2023-05-23 00:00
    Credits
    LiquidWorm as Gjoko Krstic of Zero Science Lab
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-53741",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-11T15:51:54.759556Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-11T18:52:17.753Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5773.php"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Screen SFT DAB Series - Compact Radio DAB Transmitter",
              "vendor": "DB Elettronica Telecomunicazioni SpA",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.9.3"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
            }
          ],
          "datePublic": "2023-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eScreen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.\u003c/p\u003e"
                }
              ],
              "value": "Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-384",
                  "description": "CWE-384: Session Fixation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:06:48.058Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-51457",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/51457"
            },
            {
              "name": "Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.screen.it"
            },
            {
              "name": "Official Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/"
            },
            {
              "name": "Vendor Homepage",
              "tags": [
                "vendor-advisory",
                "vdb-entry"
              ],
              "url": "https://www.dbbroadcast.com"
            },
            {
              "name": "Vendor Security Advisory for ZSL-2023-5773",
              "tags": [
                "vendor-advisory",
                "vdb-entry"
              ],
              "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5773.php"
            },
            {
              "name": "VulnCheck Advisory: Screen SFT DAB 1.9.3 Authentication Bypass via IP Session Management",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-ip-session-management"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Screen SFT DAB 1.9.3 Authentication Bypass via IP Session Management",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2023-53741",
        "datePublished": "2025-12-10T21:06:59.907Z",
        "dateReserved": "2025-12-07T13:16:38.432Z",
        "dateUpdated": "2026-04-07T14:06:48.058Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-53740 (GCVE-0-2023-53740)

    Vulnerability from nvd – Published: 2025-12-10 21:06 – Updated: 2026-04-07 14:06
    VLAI
    Title
    Screen SFT DAB 1.9.3 Authentication Bypass via Admin Password Change
    Summary
    Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2023-05-23 00:00
    Credits
    LiquidWorm as Gjoko Krstic of Zero Science Lab
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-53740",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-11T15:52:11.630383Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-11T18:52:23.204Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5774.php"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Screen SFT DAB Series - Compact Radio DAB Transmitter",
              "vendor": "DB Elettronica Telecomunicazioni SpA",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.9.3"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
            }
          ],
          "datePublic": "2023-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eScreen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account.\u003c/p\u003e"
                }
              ],
              "value": "Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862: Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:06:47.252Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-51458",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/51458"
            },
            {
              "name": "Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.screen.it"
            },
            {
              "name": "Official Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/"
            },
            {
              "name": "Vendor Homepage",
              "tags": [
                "vendor-advisory",
                "vdb-entry"
              ],
              "url": "https://www.dbbroadcast.com"
            },
            {
              "name": "Advisory URL",
              "tags": [
                "vendor-advisory",
                "vdb-entry"
              ],
              "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5774.php"
            },
            {
              "name": "VulnCheck Advisory: Screen SFT DAB 1.9.3 Authentication Bypass via Admin Password Change",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-admin-password-change"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Screen SFT DAB 1.9.3 Authentication Bypass via Admin Password Change",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2023-53740",
        "datePublished": "2025-12-10T21:06:29.286Z",
        "dateReserved": "2025-12-07T13:16:38.432Z",
        "dateUpdated": "2026-04-07T14:06:47.252Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-53741 (GCVE-0-2023-53741)

    Vulnerability from cvelistv5 – Published: 2025-12-10 21:06 – Updated: 2026-04-07 14:06
    VLAI
    Title
    Screen SFT DAB 1.9.3 Authentication Bypass via IP Session Management
    Summary
    Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2023-05-23 00:00
    Credits
    LiquidWorm as Gjoko Krstic of Zero Science Lab
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-53741",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-11T15:51:54.759556Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-11T18:52:17.753Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5773.php"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Screen SFT DAB Series - Compact Radio DAB Transmitter",
              "vendor": "DB Elettronica Telecomunicazioni SpA",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.9.3"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
            }
          ],
          "datePublic": "2023-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eScreen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.\u003c/p\u003e"
                }
              ],
              "value": "Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "LOW",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-384",
                  "description": "CWE-384: Session Fixation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:06:48.058Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-51457",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/51457"
            },
            {
              "name": "Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.screen.it"
            },
            {
              "name": "Official Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/"
            },
            {
              "name": "Vendor Homepage",
              "tags": [
                "vendor-advisory",
                "vdb-entry"
              ],
              "url": "https://www.dbbroadcast.com"
            },
            {
              "name": "Vendor Security Advisory for ZSL-2023-5773",
              "tags": [
                "vendor-advisory",
                "vdb-entry"
              ],
              "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5773.php"
            },
            {
              "name": "VulnCheck Advisory: Screen SFT DAB 1.9.3 Authentication Bypass via IP Session Management",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-ip-session-management"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Screen SFT DAB 1.9.3 Authentication Bypass via IP Session Management",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2023-53741",
        "datePublished": "2025-12-10T21:06:59.907Z",
        "dateReserved": "2025-12-07T13:16:38.432Z",
        "dateUpdated": "2026-04-07T14:06:48.058Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-53740 (GCVE-0-2023-53740)

    Vulnerability from cvelistv5 – Published: 2025-12-10 21:06 – Updated: 2026-04-07 14:06
    VLAI
    Title
    Screen SFT DAB 1.9.3 Authentication Bypass via Admin Password Change
    Summary
    Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Date Public
    2023-05-23 00:00
    Credits
    LiquidWorm as Gjoko Krstic of Zero Science Lab
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-53740",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-11T15:52:11.630383Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-11T18:52:23.204Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5774.php"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Screen SFT DAB Series - Compact Radio DAB Transmitter",
              "vendor": "DB Elettronica Telecomunicazioni SpA",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.9.3"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "LiquidWorm as Gjoko Krstic of Zero Science Lab"
            }
          ],
          "datePublic": "2023-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eScreen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account.\u003c/p\u003e"
                }
              ],
              "value": "Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "ADJACENT",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "PASSIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "LOW",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-862",
                  "description": "CWE-862: Missing Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T14:06:47.252Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-51458",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/51458"
            },
            {
              "name": "Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.screen.it"
            },
            {
              "name": "Official Product Homepage",
              "tags": [
                "product"
              ],
              "url": "https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/"
            },
            {
              "name": "Vendor Homepage",
              "tags": [
                "vendor-advisory",
                "vdb-entry"
              ],
              "url": "https://www.dbbroadcast.com"
            },
            {
              "name": "Advisory URL",
              "tags": [
                "vendor-advisory",
                "vdb-entry"
              ],
              "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5774.php"
            },
            {
              "name": "VulnCheck Advisory: Screen SFT DAB 1.9.3 Authentication Bypass via Admin Password Change",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-admin-password-change"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Screen SFT DAB 1.9.3 Authentication Bypass via Admin Password Change",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2023-53740",
        "datePublished": "2025-12-10T21:06:29.286Z",
        "dateReserved": "2025-12-07T13:16:38.432Z",
        "dateUpdated": "2026-04-07T14:06:47.252Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }