Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/12/22 9:35 p.m.26 views

CVE-2023-53967 Screen SFT DAB 600/C Firmware 1.9.3 Authentication Bypass Admin Password Change

Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without requiring the current credentials. Attackers can exploit the userManager.cgx API endpoint by sending a crafted POST request with a new MD5-hashed password...

9.3CVSS0.00456EPSS
Exploits2References5
CVE
CVE
added 2025/12/22 9:35 p.m.12 views

CVE-2023-53967

Affected product: Screen SFT DAB 600/C firmware 1.9.3. Vulnerability: authentication bypass via POST to userManager.cgx that allows changing the admin password using a crafted MD5-hashed password. Impact: potential unauthorized admin access; confidentiality at risk. Root cause: improper authentic...

9.3CVSS6.8AI score0.00456EPSS
Exploits2References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/22 12:0 a.m.6 views

PT-2025-52704

Name of the Vulnerable Software and Affected Versions Screen SFT DAB 600/C version 1.9.3 Description The Screen SFT DAB 600/C firmware contains a flaw that permits unauthorized modification of the administrator password without current credentials. An attacker can exploit this by sending a...

9.3CVSS6.8AI score0.00456EPSS
Exploits2References10
EUVD
EUVD
added 2025/12/10 9:31 p.m.5 views

EUVD-2023-60186

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify...

8.6CVSS6.7AI score0.00805EPSS
Exploits1References7
Rows per page
Query Builder