CVE-2023-53968
CRITICAL
Screen SFT DAB 600/C Firmware 1.9.3 - Auth Bypass
Title source: llm
Description
Screen SFT DAB 600/C Firmware 1.9.3 contains a session management vulnerability that allows attackers to bypass authentication controls by exploiting IP address session binding. Attackers can reuse the same IP address and issue unauthorized requests to the userManager API to remove user accounts without proper authentication.
Exploits (1)
exploitdb
WORKING POC
by LiquidWorm · python · remote · hardware
https://www.exploit-db.com/exploits/51457
References (5)
Scores
CVSS v3: 9.8
EPSS: 0.0058
EPSS Percentile: 69.0%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-306
Status: published
Products (1)
dbbroadcast/sft_dab_600\/c_firmware 1.9.3
Published: Dec 22, 2025
Tracked Since: Feb 18, 2026