CVE-2023-53741
BaseFortify
Publication date: 2025-12-10
Last updated on: 2025-12-18
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dbbroadcast | sft_dab_015\/c_firmware | 1.9.3 |
| dbbroadcast | sft_dab_015\/c | * |
| dbbroadcast | sft_dab_050\/c_firmware | 1.9.3 |
| dbbroadcast | sft_dab_050\/c | * |
| dbbroadcast | sft_dab_150\/c_firmware | 1.9.3 |
| dbbroadcast | sft_dab_150\/c | * |
| dbbroadcast | sft_dab_300\/c_firmware | 1.9.3 |
| dbbroadcast | sft_dab_300\/c | * |
| dbbroadcast | sft_dab_600\/c_firmware | 1.9.3 |
| dbbroadcast | sft_dab_600\/c | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-384 | Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Screen SFT DAB 1.9.3 involves weak session management that allows attackers to bypass authentication by reusing session identifiers that are bound to IP addresses. Attackers can intercept and reuse these established sessions to perform unauthorized actions, such as removing user accounts.
How can this vulnerability impact me?
The vulnerability can allow attackers to bypass authentication controls and perform unauthorized actions like deleting user accounts. This can lead to loss of user data, disruption of services, and potential compromise of system integrity.