CVE-2023-36623
https://notcve.org/view.php?id=CVE-2023-36623
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges. • https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-013.txt https://www.syss.de/pentest-blog/root-zugang-zu-smarthome-server-loxone-miniserver-go-gen-2-syss-2023-004/-012/-013 • CWE-798: Use of Hard-coded Credentials •
CVE-2023-36622
https://notcve.org/view.php?id=CVE-2023-36622
The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter. • https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-012.txt https://www.syss.de/pentest-blog/root-zugang-zu-smarthome-server-loxone-miniserver-go-gen-2-syss-2023-004/-012/-013 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2023-36624
https://notcve.org/view.php?id=CVE-2023-36624
Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement. • https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-004.txt https://www.syss.de/pentest-blog/root-zugang-zu-smarthome-server-loxone-miniserver-go-gen-2-syss-2023-004/-012/-013 • CWE-862: Missing Authorization •