CVE-2023-53741
HIGHDescription
Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.
Is your site exposed to CVE-2023-53741?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| dbbroadcast | sft_dab_015\/c_firmware |
| dbbroadcast | sft_dab_015\/c |
| dbbroadcast | sft_dab_050\/c_firmware |
| dbbroadcast | sft_dab_050\/c |
| dbbroadcast | sft_dab_150\/c_firmware |
| dbbroadcast | sft_dab_150\/c |
| dbbroadcast | sft_dab_300\/c_firmware |
| dbbroadcast | sft_dab_300\/c |
| dbbroadcast | sft_dab_600\/c_firmware |
| dbbroadcast | sft_dab_600\/c |
References
Other References
Frequently Asked Questions
What is CVE-2023-53741? +
How severe is CVE-2023-53741? +
What products are affected by CVE-2023-53741? +
How do I check if I'm vulnerable to CVE-2023-53741? +
Related Vulnerabilities
An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of …
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially …
When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized …
This vulnerability exists in Meon KYC solutions due to improper handling of access and refresh tokens in certain API endpoints …
A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could …
Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from …