R Radio Network FM Transmitter 1.07 allows unauthenticated attackers to access the admin users password through the system.cgi endpoint, enabling authentication bypass and FM station setup access.
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.