Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

DB Elettronica SFT DAB Series Authentication Bypass Vulnerability Allowing Unauthorized API Access

Vulnerability

An authentication bypass vulnerability has been identified in the DB Elettronica SFT DAB series transmitters, specifically in version 1.9.3. This vulnerability arises from weak session management that allows attackers to reuse IP-bound session identifiers. By exploiting this flaw, attackers can send unauthorized requests to the device management API, potentially manipulating critical functions of the transmitter.
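The weakness described above, keying a session on the client's IP address rather than on an unguessable per-login token, is easier to see side by side with the hardened form. The following is an added illustration written for this page; it is not the transmitter's firmware, and the class names, the 600-second TTL and the sample address are assumptions chosen for the demonstration. The `IpBoundSessions` class models the weak pattern: whoever presents the right source IP is treated as the logged-in user. `TokenSessions` shows the usual mitigation: a random token stored server side with an expiry, where the IP is at most an auxiliary signal.

```python
"""Session validation: IP-bound identifiers versus server-side random tokens.

Illustrative models only (not DB Elettronica code). The class names, the TTL
and the addresses below are constructed for this example.
"""
import secrets
import time

SESSION_TTL_SECONDS = 600  # assumed idle/absolute lifetime for the hardened model


class IpBoundSessions:
    """Weak model: the session identifier is effectively the client IP.

    Any request arriving from the recorded address is accepted, so address
    reuse on the same network is enough to inherit the session.
    """

    def __init__(self):
        self._user_by_ip = {}

    def login(self, client_ip, user):
        self._user_by_ip[client_ip] = user
        return client_ip  # the "session id" carries no secret at all

    def authorize(self, client_ip, token=None):
        # token is ignored; only the source address matters
        return self._user_by_ip.get(client_ip)


class TokenSessions:
    """Hardened model: random token, server-side record, expiry.

    The token (not the IP) is the proof of the login. The IP is recorded so a
    mismatch can be logged or used to require re-authentication, but it never
    grants access on its own.
    """

    def __init__(self, clock=time.time):
        self._sessions = {}
        self._clock = clock  # injectable for deterministic tests

    def login(self, client_ip, user):
        token = secrets.token_urlsafe(32)  # 256 bits of CSPRNG entropy
        self._sessions[token] = {
            "user": user,
            "ip": client_ip,
            "expires": self._clock() + SESSION_TTL_SECONDS,
        }
        return token

    def authorize(self, client_ip, token):
        record = self._sessions.get(token) if token else None
        if record is None:
            return None
        if self._clock() > record["expires"]:
            del self._sessions[token]  # expired: drop it and deny
            return None
        if record["ip"] != client_ip:
            # Not a grant or a deny by itself; a defender would log this
            # and may force re-authentication. Here we just flag it.
            record["ip_mismatch_seen"] = True
        return record["user"]

    def logout(self, token):
        self._sessions.pop(token, None)


def demonstrate():
    """Compare both models for a second client that reuses the legitimate IP."""
    legit_ip = "192.0.2.10"  # constructed address from TEST-NET-1

    weak = IpBoundSessions()
    weak.login(legit_ip, "admin")

    fixed_clock = [1_000_000.0]
    strong = TokenSessions(clock=lambda: fixed_clock[0])
    token = strong.login(legit_ip, "admin")

    result = {
        # weak model: same IP, no token, still authorized
        "weak_same_ip_authorized": weak.authorize(legit_ip) == "admin",
        # hardened model: same IP is not enough without the token
        "strong_same_ip_no_token": strong.authorize(legit_ip, None),
        "strong_same_ip_guessed_token": strong.authorize(legit_ip, "not-a-real-token"),
        "strong_with_token": strong.authorize(legit_ip, token),
    }
    # advance the clock past the TTL: the real token stops working too
    fixed_clock[0] += SESSION_TTL_SECONDS + 1
    result["strong_after_expiry"] = strong.authorize(legit_ip, token)
    return result


if __name__ == "__main__":
    for name, value in demonstrate().items():
        print(f"{name}: {value}")
```

The point of the comparison is that in the weak model the address is the credential, so nothing the legitimate user holds is needed to be accepted; in the hardened model the address is only metadata and the random token has to be presented on every request and dies with its TTL or on logout.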

Impact

Exploitation of this vulnerability could lead to unauthorized access and manipulation of the transmitter's configuration and operations, as well as a potential denial-of-service condition.

Reproduction

To reproduce this vulnerability, an attacker must be on the same network as the target device and reuse the IP address of a legitimate user to take advantage of the session binding mechanism. Once the session is established, unauthorized requests can be sent to the device management API to perform critical operations on the transmitter.

Added: Dec 10, 2025, 10:37 PM
Updated: Dec 10, 2025, 10:37 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 6.0
remediation: 8.3
relevance: 1.4
threat: 8.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.