CVE-2023-53740

Screen SFT DAB 1.9.3 Authentication Bypass via Admin Password Change

Description

Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account.

INFO

Published Date :

2025-12-10T21:06:29.286Z

Last Modified :

2026-04-07T14:06:47.252Z

Source :

VulnCheck

AFFECTED PRODUCTS

The following products are affected by CVE-2023-53740 vulnerability.

Vendors	Products
Dbbroadcast	Sft Dab 015\/c Sft Dab 015\/c Firmware Sft Dab 050\/c Sft Dab 050\/c Firmware Sft Dab 150\/c Sft Dab 150\/c Firmware Sft Dab 300\/c Sft Dab 300\/c Firmware Sft Dab 600\/c Sft Dab 600\/c Firmware Sft Dab Series

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53740.

URL	Resource
https://www.dbbroadcast.com
https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/
https://www.exploit-db.com/exploits/51458
https://www.screen.it
https://www.vulncheck.com/advisories/screen-sft-dab-authentication-bypass-via-admin-password-change
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5774.php