CVE-2023-53740

9.8 CRITICAL

📋 TL;DR

CVE-2023-53740 is an authentication bypass vulnerability in Screen SFT DAB 1.9.3 that allows attackers to change the admin password without authentication by sending a crafted JSON request to the userManager.cgx endpoint. This affects organizations using Screen SFT DAB series compact air radio broadcasting equipment.

💻 Affected Systems

Products:
  • Screen SFT DAB series compact air
Versions: 1.9.3
Operating Systems: Embedded/Linux-based
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of version 1.9.3 are vulnerable by default. The userManager.cgx endpoint is typically accessible via the web interface.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain full administrative control over the broadcasting system, enabling them to disrupt broadcasts, modify configurations, or use the system as a foothold into the network.

🟠 Likely Case

Unauthorized users change the admin password, locking legitimate administrators out and potentially disrupting broadcast operations.

🟢 If Mitigated

With proper network segmentation and access controls, impact is limited to the isolated broadcast system with no lateral movement.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable via HTTP requests, making internet-facing instances immediately vulnerable.
🏢 Internal Only: HIGH - Even internally, any network-accessible instance can be exploited by internal threat actors or compromised devices.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available on Exploit-DB (ID 51458). The attack requires only a single HTTP POST request with crafted JSON payload.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.screen.it

Restart Required: No

Instructions:

No official patch is available. Contact Screen IT for updated firmware. If unavailable, implement workarounds immediately.

🔧 Temporary Workarounds

Network Access Control

Restrict network access to the SFT DAB web interface using firewall rules (on an upstream gateway or filtering host; replace trusted_ip with the management address or range) or network segmentation:

# allow the web interface only from the trusted management source,
# then drop everything else; rule order matters, so these must come
# before any broader ACCEPT rule already in the INPUT chain
iptables -A INPUT -p tcp --dport 80 -s trusted_ip -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j DROP

Web Server Configuration

Block access to the vulnerable userManager.cgx endpoint in the configuration of the web server or reverse proxy that fronts the device (Apache httpd syntax shown):

# deny every request whose path is exactly /userManager.cgx
# (httpd 2.2 syntax; httpd 2.4 without mod_access_compat uses "Require all denied")
<LocationMatch "^/userManager\.cgx$">
    Deny from all
</LocationMatch>

🧯 If You Can't Patch

  • Isolate the SFT DAB system on a dedicated VLAN with strict access controls
  • Implement network monitoring for suspicious requests to userManager.cgx endpoint

🔍 How to Verify

Check if Vulnerable:

Send a POST request to http://[target]/userManager.cgx with JSON payload {"action":"updateUser","username":"admin","password":"[md5_hash]"} and check if password changes without authentication.

Check Version:

Check the web interface footer or system information page for version 1.9.3.

Verify Fix Applied:

Attempt the same exploit after implementing workarounds - requests should be blocked or fail.

📡 Detection & Monitoring

Log Indicators:

  • HTTP POST requests to /userManager.cgx
  • Admin password change events without prior authentication

Network Indicators:

  • HTTP traffic to userManager.cgx endpoint with JSON payload containing 'updateUser' action

SIEM Query:

source="web_logs" AND uri="/userManager.cgx" AND method="POST" AND (body CONTAINS "updateUser" OR body CONTAINS "admin")
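As an added detection example (not part of this advisory or of any vendor tooling), the following Python script applies the log indicators above to a few constructed sample log lines. It assumes the web server or reverse proxy in front of the device logs one JSON object per request with the fields ts, src, method, uri, status, cookie and body, and that a successful login is a 200 POST to /login.cgx carrying a sid cookie; those field names and the login endpoint are assumptions, not documented device behaviour. A POST to /userManager.cgx from a session that never logged in is flagged as the bypass indicator, with the admin account as the critical case; an authenticated admin password change is surfaced at lower severity for review.

```python
import json
import re
from typing import Iterator, List, Tuple

# Constructed sample log lines (JSON, one request per line) -- not real device logs.
# Field names and the /login.cgx login endpoint are assumptions for this example.
SAMPLE_LOG = """\
{"ts":"2024-05-01T10:00:01Z","src":"10.0.0.5","method":"POST","uri":"/login.cgx","status":200,"cookie":"sid=abc123","body":"{\\"username\\":\\"admin\\",\\"password\\":\\"[redacted]\\"}"}
{"ts":"2024-05-01T10:00:09Z","src":"10.0.0.5","method":"POST","uri":"/userManager.cgx","status":200,"cookie":"sid=abc123","body":"{\\"action\\":\\"updateUser\\",\\"username\\":\\"operator\\",\\"password\\":\\"[hash]\\"}"}
{"ts":"2024-05-01T10:05:00Z","src":"203.0.113.7","method":"POST","uri":"/userManager.cgx","status":200,"cookie":"","body":"{\\"action\\":\\"updateUser\\",\\"username\\":\\"admin\\",\\"password\\":\\"[hash]\\"}"}
{"ts":"2024-05-01T10:06:00Z","src":"203.0.113.7","method":"GET","uri":"/status.cgx","status":200,"cookie":"","body":""}
"""

ENDPOINT = "/userManager.cgx"
LOGIN_ENDPOINT = "/login.cgx"  # assumed name of the device's login handler
SID_RE = re.compile(r"(?:^|;\s*)sid=([^;]+)")

Alert = Tuple[str, str, str, str]  # (severity, src, ts, reason)


def parse_log(text: str) -> Iterator[dict]:
    """Yield one dict per non-empty JSON log line."""
    for line in text.splitlines():
        line = line.strip()
        if line:
            yield json.loads(line)


def session_id(cookie: str) -> str:
    """Extract the sid cookie value, or '' when the request carried none."""
    m = SID_RE.search(cookie or "")
    return m.group(1) if m else ""


def detect(text: str) -> List[Alert]:
    """Flag POSTs to the user-management endpoint that lack a prior login."""
    alerts: List[Alert] = []
    authenticated = set()  # session ids that completed a successful login earlier in the log
    for rec in parse_log(text):
        sid = session_id(rec.get("cookie", ""))
        if rec["method"] == "POST" and rec["uri"] == LOGIN_ENDPOINT and rec["status"] == 200 and sid:
            authenticated.add(sid)
            continue
        if rec["method"] != "POST" or rec["uri"] != ENDPOINT:
            continue
        try:
            body = json.loads(rec.get("body") or "{}")
        except json.JSONDecodeError:
            body = {}
        action = body.get("action")
        target = body.get("username")
        if sid and sid in authenticated:
            # legitimate use; still worth a review entry when the admin account is changed
            if action == "updateUser" and target == "admin":
                alerts.append(("medium", rec["src"], rec["ts"],
                               "admin password changed by authenticated session"))
            continue
        # no login seen for this session: the CVE-2023-53740 bypass pattern
        severity = "critical" if action == "updateUser" and target == "admin" else "high"
        alerts.append((severity, rec["src"], rec["ts"],
                       f"POST to {ENDPOINT} without a prior login (action={action}, user={target})"))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(*alert)
```

Run against the constructed sample, the script reports a single critical alert for 203.0.113.7 and nothing for the authenticated operator change. The session-tracking step is what distinguishes this from the plain SIEM query above: the query finds every updateUser request, while the script separates routine administration from the unauthenticated case the advisory describes.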

🔗 References
