Sft Dab 600\/c Firmware CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-53741	1 Dbbroadcast	11 Sft Dab 015\/c, Sft Dab 015\/c Firmware, Sft Dab 050\/c and 8 more	2025-12-17	8.1 High
Screen SFT DAB 1.9.3 contains a weak session management vulnerability that allows attackers to bypass authentication controls by reusing IP address-bound session identifiers. Attackers can exploit the vulnerable API by intercepting and reusing established sessions to remove user accounts without proper authorization.
CVE-2023-53740	1 Dbbroadcast	11 Sft Dab 015\/c, Sft Dab 015\/c Firmware, Sft Dab 050\/c and 8 more	2025-12-17	9.8 Critical
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change the admin password without providing the current credentials. Attackers can exploit the userManager.cgx endpoint by sending a crafted JSON request with a new MD5-hashed password to directly modify the admin account.
CVE-2023-33684	1 Dbbroadcast	3 Sft Dab 600\/c, Sft Dab 600\/c Bios, Sft Dab 600\/c Firmware	2024-11-21	5.7 Medium
Weak session management in DB Elettronica Telecomunicazioni SpA SFT DAB 600/C Firmware: 1.9.3 Bios firmware: 7.1 (Apr 19 2021) Gui: 2.46 FPGA: 169.55 uc: 6.15 allows attackers on the same network to bypass authentication by re-using the IP address assigned to the device by the NAT protocol.

Page 1 of 1.