216.73.217.47

CVE-2023-53741

· Published 10/12/2025 21:16 · Modified 18/12/2025 21:15

Labels: CVE-2023-53741 2025-12-10CVE-2023-53741CWE-384[email protected]

Essential information

Published
10/12/2025 21:16
Modified
18/12/2025 21:15
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.

NVD status

Status
Modified — CVE has been amended by a source (CVE Primary CNA or another CNA). Analysis data supplied by the NVD may be no longer be accurate due to these changes.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
dbbroadcast / sft dab 015\/c firmware cpe:2.3:o:dbbroadcast:sft_dab_015\/c_firmware:1.9.3:*:*:*:*:*:*:*
dbbroadcast / sft dab 015\/c cpe:2.3:h:dbbroadcast:sft_dab_015\/c:-:*:*:*:*:*:*:*
dbbroadcast / sft dab 050\/c firmware cpe:2.3:o:dbbroadcast:sft_dab_050\/c_firmware:1.9.3:*:*:*:*:*:*:*
dbbroadcast / sft dab 050\/c cpe:2.3:h:dbbroadcast:sft_dab_050\/c:-:*:*:*:*:*:*:*
dbbroadcast / sft dab 150\/c firmware cpe:2.3:o:dbbroadcast:sft_dab_150\/c_firmware:1.9.3:*:*:*:*:*:*:*
dbbroadcast / sft dab 150\/c cpe:2.3:h:dbbroadcast:sft_dab_150\/c:-:*:*:*:*:*:*:*
dbbroadcast / sft dab 300\/c firmware cpe:2.3:o:dbbroadcast:sft_dab_300\/c_firmware:1.9.3:*:*:*:*:*:*:*
dbbroadcast / sft dab 300\/c cpe:2.3:h:dbbroadcast:sft_dab_300\/c:-:*:*:*:*:*:*:*
dbbroadcast / sft dab 600\/c firmware cpe:2.3:o:dbbroadcast:sft_dab_600\/c_firmware:1.9.3:*:*:*:*:*:*:*
dbbroadcast / sft dab 600\/c cpe:2.3:h:dbbroadcast:sft_dab_600\/c:-:*:*:*:*:*:*:*

References