Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass

🗓️ 31 Jan 2024 00:00:00Reported by Gjoko KrsticType 
zeroscience
 zeroscience🔗 www.zeroscience.mk👁 302 Views

TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass on GNU/Linux 3.10.53 (armv7l

Related
Code
ReporterTitlePublishedViews
Family
CVE		CVE-2024-39375
27 Jun 202416:07
cve
Cvelist		CVE-2024-39375 Use of Client-Side Authentication in TELSAT marKoni FM Transmitter
27 Jun 202416:07
cvelist
EUVD		EUVD-2024-37925
3 Oct 202520:07
euvd
ICS		TELSAT marKoni FM Transmitter
27 Jun 202406:00
ics
NVD		CVE-2024-39375
27 Jun 202416:15
nvd
OSV		CVE-2024-39375
27 Jun 202416:15
osv
Positive Technologies		PT-2024-28476 · Telsat · Telsat Markoni Fm Transmitters
27 Jun 202400:00
ptsecurity
RedhatCVE		CVE-2024-39375
9 Jan 202608:33
redhatcve
Vulnrichment		CVE-2024-39375 Use of Client-Side Authentication in TELSAT marKoni FM Transmitter
27 Jun 202416:07
vulnrichment
<html><body><p>TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass


Vendor: TELSAT Srl
Product web page: https://www.markoni.it
Affected version: Markoni-D (Compact) FM Transmitters
                  Markoni-DH (Exciter+Amplifiers) FM Transmitters
                  Markoni-A (Analogue Modulator) FM Transmitters
                  Firmware: 1.9.5
                            1.9.3
                            1.5.9
                            1.4.6
                            1.3.9

Summary: Professional FM transmitters.

Desc: The application implements client-side restrictions that can
be bypassed by editing the HTML source page that enable administrative
operations.

Tested on: GNU/Linux 3.10.53 (armv7l)
           icorem6solox
           lighttpd/1.4.33


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
Macedonian Information Security Research and Development Laboratory
Zero Science Lab - https://www.zeroscience.mk - @zeroscience


Advisory ID: ZSL-2024-5810
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5810.php


10.11.2023

--


These few JavaScript functions can be called directly in the browser's console
and can enable a user to execute and apply modifications with admin rights.
There are plenty more functions throughout the web application's interface.

set_wget()
change_ip_settings()
change_web_port()
set_sendtime()
add_mailaddress()
set_mailinglist()
...
...
</p></body></html>

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
31 Jan 2024 00:00Current
5.8Medium risk
Vulners AI Score5.8
CVSS 3.19.8
CVSS 49.3
EPSS0.00567
SSVC
telsatmarkonitransmitteraccess controlbypasshtmlsource pagefirmwaregnu/linuxlighttpdvulnerabilitysecurity advisoryzero science lab
302