DB Broadcasting Screen SFT DAB 600/C Authentication Bypass Vulnerability

Vulnerability

A session management vulnerability has been identified in the DB Broadcasting Screen SFT DAB 600/C transmitter, specifically in Firmware 1.9.3. This vulnerability allows attackers to bypass authentication by reusing IP-bound session identifiers. Exploitation involves sending crafted POST requests to the deviceManagement API endpoint, enabling unauthorized manipulation of device configurations.

Impact

Exploitation of this vulnerability allows for authentication bypass, unauthorized access to critical device management functions, and the ability to reset and potentially disrupt normal operation of the affected transmitter.

Reproduction

To reproduce this vulnerability, an attacker must be on the same network as the target device and reuse the IP address of a legitimate user to take advantage of the session management flaw. Once the session is established, unauthorized requests can be sent to the deviceManagement API to reset the transmitter's configuration.
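The flaw class described above, modelled as an added example (not code from the device firmware or from this advisory): a session store that treats the source IP as the session identifier, beside one that requires a random per-login token. The class names, the TTL, and the 192.0.2.10 documentation address are assumptions made for illustration.

```python
import secrets
import time

SESSION_TTL = 900  # seconds; constructed value for this example


class IpBoundSessions:
    """Weak model: a session is identified only by the client's source IP."""

    def __init__(self):
        self._logged_in = set()

    def login(self, client_ip):
        self._logged_in.add(client_ip)

    def is_authenticated(self, client_ip, token=None):
        # Any request from an address that logged in earlier is accepted.
        return client_ip in self._logged_in


class TokenSessions:
    """Hardened model: a random per-login token is required on every request."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._sessions = {}  # token -> (client_ip, expiry)

    def login(self, client_ip):
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (client_ip, self._clock() + SESSION_TTL)
        return token

    def is_authenticated(self, client_ip, token=None):
        entry = self._sessions.get(token) if token else None
        if entry is None:
            return False
        bound_ip, expiry = entry
        if self._clock() >= expiry:
            del self._sessions[token]  # expired sessions are dropped
            return False
        return bound_ip == client_ip  # IP is a secondary check, never the only one


def second_host_accepted(store, operator_ip="192.0.2.10"):
    """Operator logs in; a different host then sends a request from the
    same address without any session token. Returns whether it is accepted."""
    store.login(operator_ip)
    return store.is_authenticated(operator_ip, token=None)
```

The IP-only store accepts the second host's request, while the token store rejects it because the address alone proves nothing about who holds the session.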

Added: Dec 22, 2025, 10:46 PM
Updated: Dec 22, 2025, 10:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 6.0
remediation: 0.0
relevance: 1.5
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.