CVE-2023-53967
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2023-53967, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-22

Last updated on: 2025-12-26

Assigner: VulnCheck

Description

Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without requiring the current credentials. Attackers can exploit the userManager.cgx API endpoint by sending a crafted POST request with a new MD5-hashed password to directly modify the admin account's authentication.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-22
Last Modified
2025-12-26
Generated
2026-07-06
AI Q&A
2025-12-23
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
dbbroadcast sft_dab_600\/c_firmware 1.9.3
dbbroadcast sft_dab_600\/c *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2023-53967 is an authentication bypass vulnerability in Screen SFT DAB 600/C firmware version 1.9.3. It allows an attacker to change the administrator password without knowing the current password by exploiting the userManager.cgx API endpoint. The attacker sends a specially crafted POST request with a new MD5-hashed password, which directly modifies the admin account's authentication data, enabling unauthorized access. [1]

Impact Analysis

This vulnerability can have a severe impact as it allows attackers to gain unauthorized administrative access to the device by changing the admin password without credentials. This can lead to a complete compromise of the device's confidentiality, integrity, and availability, potentially allowing attackers to control the device, access sensitive information, or disrupt its operation. [1]

Detection Guidance

This vulnerability can be detected by monitoring for unusual POST requests to the userManager.cgx API endpoint that contain MD5-hashed passwords attempting to change the admin password without proper authentication. Network traffic analysis tools like Wireshark or command-line tools such as tcpdump can be used to capture and inspect HTTP POST requests to this endpoint. For example, using tcpdump: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and then filtering for POST requests to userManager.cgx. Additionally, web server logs can be searched for POST requests to userManager.cgx with suspicious payloads. However, no specific detection commands are provided in the resources. [1]

Mitigation Strategies

Immediate mitigation steps include restricting network access to the userManager.cgx API endpoint to trusted sources only, implementing network-level controls such as firewalls or access control lists to block unauthorized POST requests, and monitoring for suspicious activity targeting this endpoint. Since the vulnerability allows password changes without authentication, it is critical to apply any available firmware updates or patches from the vendor that address this issue. If patches are not yet available, consider disabling or restricting access to the vulnerable API endpoint until a fix is applied. [1]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53967. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart