CVE-2023-46386
Loytec L-INX Automation Servers Information Disclosure / Cleartext Secrets
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.
LOYTEC electronics GmbH el firmware LINX-212 6.2.4 y el firmware LINX-151 7.2.4 son vulnerables a permisos inseguros a través del archivo registry.xml. Esta vulnerabilidad permite a atacantes remotos revelar las credenciales de la cuenta del cliente SMTP y eludir la autenticación de correo electrónico.
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.
Loytec LINX-151 with firmware version 7.2.4 and LINX-212 with firmware version 6.2.4 suffer from file disclosure vulnerabilities that leak secrets as well as issues with stories secrets in the clear.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-10-23 CVE Reserved
- 2023-11-28 CVE Published
- 2024-09-20 CVE Updated
- 2024-09-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-312: Cleartext Storage of Sensitive Information
CAPEC
References (4)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Loytec Search vendor "Loytec" | Linx-212 Firmware Search vendor "Loytec" for product "Linx-212 Firmware" | 6.2.4 Search vendor "Loytec" for product "Linx-212 Firmware" and version "6.2.4" | - |
Affected
| in | Loytec Search vendor "Loytec" | Linx-212 Search vendor "Loytec" for product "Linx-212" | - | - |
Safe
|
Loytec Search vendor "Loytec" | Linx-151 Firmware Search vendor "Loytec" for product "Linx-151 Firmware" | 7.2.4 Search vendor "Loytec" for product "Linx-151 Firmware" and version "7.2.4" | - |
Affected
| in | Loytec Search vendor "Loytec" | Linx-151 Search vendor "Loytec" for product "Linx-151" | - | - |
Safe
|