TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass

High
Advisory ID
ZSL-2024-5810
Release Date
31 January 2024
Vendor
Affected Version
Markoni-D (Compact) FM Transmitters, Markoni-DH (Exciter+Amplifiers) FM Transmitters, Markoni-A (Analogue Modulator) FM Transmitters, Firmware: 1.9.5, 1.9.3, 1.5.9, 1.4.6, 1.3.9
Tested On
GNU/Linux 3.10.53 (armv7l), icorem6solox, lighttpd/1.4.33
Summary

Professional FM transmitters.

Description

The application implements client-side restrictions that can be bypassed by editing the HTML source of the page, which enables administrative operations.

Proof of Concept
Disclosure Timeline
10.11.2023: Vulnerability discovered.
21.11.2023: Contact with the vendor.
22.11.2023: No response from the vendor.
19.01.2024: Contact with the vendor.
29.01.2024: No response from the vendor.
31.01.2024: Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
31.01.2024: Initial release
01.02.2024: Added reference [1]
01.07.2024: Added reference [2], [3] and [4]