VYPR
Unrated severityNVD Advisory· Published Dec 22, 2025· Updated Dec 22, 2025

Screen SFT DAB 600/C Firmware 1.9.3 Authentication Bypass Admin Password Change

CVE-2023-53967

Description

Screen SFT DAB 600/C firmware 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without requiring the current credentials. Attackers can exploit the userManager.cgx API endpoint by sending a crafted POST request with a new MD5-hashed password to directly modify the admin account's authentication.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.