CVE-2023-53967
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-22

Last updated on: 2025-12-26

Assigner: VulnCheck

Description
Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without requiring the current credentials. Attackers can exploit the userManager.cgx API endpoint by sending a crafted POST request with a new MD5-hashed password to directly modify the admin account's authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-22
Last Modified
2025-12-26
Generated
2026-06-16
AI Q&A
2025-12-23
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53967
EUVD
EUVD-2023-60229
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
dbbroadcast sft_dab_600\/c_firmware 1.9.3
dbbroadcast sft_dab_600\/c *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2023-53967 is an authentication bypass vulnerability in Screen SFT DAB 600/C firmware version 1.9.3. It allows an attacker to change the administrator password without knowing the current password by exploiting the userManager.cgx API endpoint. The attacker sends a specially crafted POST request with a new MD5-hashed password, which directly modifies the admin account's authentication data, enabling unauthorized access. [1]

Impact Analysis

This vulnerability can have a severe impact as it allows attackers to gain unauthorized administrative access to the device by changing the admin password without credentials. This can lead to a complete compromise of the device's confidentiality, integrity, and availability, potentially allowing attackers to control the device, access sensitive information, or disrupt its operation. [1]

Detection Guidance

This vulnerability can be detected by monitoring for unusual POST requests to the userManager.cgx API endpoint that contain MD5-hashed passwords attempting to change the admin password without proper authentication. Network traffic analysis tools like Wireshark or command-line tools such as tcpdump can be used to capture and inspect HTTP POST requests to this endpoint. For example, using tcpdump: tcpdump -i <interface> -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and then filtering for POST requests to userManager.cgx. Additionally, web server logs can be searched for POST requests to userManager.cgx with suspicious payloads. However, no specific detection commands are provided in the resources. [1]

Mitigation Strategies

Immediate mitigation steps include restricting network access to the userManager.cgx API endpoint to trusted sources only, implementing network-level controls such as firewalls or access control lists to block unauthorized POST requests, and monitoring for suspicious activity targeting this endpoint. Since the vulnerability allows password changes without authentication, it is critical to apply any available firmware updates or patches from the vendor that address this issue. If patches are not yet available, consider disabling or restricting access to the vulnerable API endpoint until a fix is applied. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53967. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart