Home / os / win2k

R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure

Posted on 04 December 2023

R Radio Network FM Transmitter version 1.07 suffers from an improper access control that allows an unauthenticated actor to directly reference the system.cgi endpoint and disclose the clear-text password of the admin user allowing authentication bypass and FM station setup access.

 

TOP