The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JWT validation across devices. Attackers can reuse a valid JWT token obtained from one device to authenticate and gain administrative access to any other device running the same firmware, even if the passwords and networks are different. This allows full compromise of affected devices.
The vulnerability results from improper validation of JWT (JSON Web Token) tokens – the firmware does not verify whether the token was issued for a specific device. As a result, a valid JWT token obtained from one device can be used to authenticate to a completely different device running the same firmware, even if both devices have different passwords and are located in different networks. This is a combination of authentication error (CWE-287) and session persistence (CWE-384).
An attacker gains full administrative access to the device without knowledge of its password, leading to complete takeover of the device, including the ability to modify configuration, read data, and disrupt its operation.
Apply patches available from the manufacturer according to the references. Until an update is applied, it is recommended to isolate devices at the network level and restrict access to the management interface exclusively to trusted hosts through a firewall or network segmentation.
Itel DAB Encoder (IDEnc) in firmware version build 25aec8d (products: Itel Idenc Firmware, Itel Idenc)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HItel Idenc
HWItelwszystkie wersjeItel Idenc Firmware
OSItelwszystkie wersje
Related vulnerabilities
Itel DAB Gateway — Authentication Bypass przez błędną weryfikację JWT
Authentication Bypass w Itel DAB MUX — wielourządzeniowe nadużycie tokenów JWT
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session hijacking due to i...