Security
Headlines
HeadlinesLatestCVEs

Headline

Loytec L-INX Automation Servers Information Disclosure / Cleartext Secrets

Loytec LINX-151 with firmware version 7.2.4 and LINX-212 with firmware version 6.2.4 suffer from file disclosure vulnerabilities that leak secrets as well as issues with stories secrets in the clear.

Packet Storm
#vulnerability#auth#zero_day
[+] CVE                                  : CVE-2023-46386, CVE-2023-46387, CVE-2023-46388, CVE-2023-46389  [+] Title                                 : Multiple vulnerabilities in Loytec L-INX Automation Servers[+] Vendor                            : LOYTEC electronics GmbH[+] Affected Product(s)      : LINX-151, Firmware 7.2.4, LINX-212, firmware 6.2.4[+] Affected Components : L-INX Automation Servers[+] Discovery Date              : 01-Sep-2021[+] Publication date           : 03-Nov-2023[+] Discovered by               : Chizuru Toyama of TXOne networks[Vulnerability Description]CVE-2023-46386 : Insecure Permissions'registry.xml' file contains hard-coded clear text credentials for  smtp client account. If an attacker succeeds in getting registry.xml file,  the email account could be compromised. Password should be encrypted.CVE-2023-46387 : Improper Access Control'/var/lib/lgtw/dpal_config.zml' file is accessible via file download API.  'dpal_config.wbx' which is extracted from 'dpal_config.zml' includessensitive configuration information such as smtp client information.   Authentication is required to exploit this vulnerability.http://<IP>:<port>/DT?filename=/var/lib/lgtw/dpal_config.zmlCVE-2023-46388 : Insecure Permissions'dpal_config.wbx' file contains hard-coded clear text credentials for  smtp client account. If an attacker succeeds in getting dpal_config.zml file,  the email account could be compromised. Password should be encrypted.CVE-2023-46389 : Improper Access Control'/tmp/registry.xml' file is accessible via file download API.  'registry.xml' includes device configuration information which includessensitive information such as smtp client information. Authentication isrequired to exploit this vulnerability.http://<IP>:<port>/DT?filename=/tmp/registry.xml[Timeline]01-Sep-2021 : Vulnerabilities discovered13-Oct-2021 : Trend Micro ZDI (Zero Day Initiative) reported to vendor (no response)07-Oct-2022 : ICS CERT reported to vendor (no response)03-Nov-2023 : Public Disclosure

Related news

CVE-2023-46389: [CVE-2023-46386, CVE-2023-46387, CVE-2023-46388, CVE-2023-46389] Multiple vulnerabilities in Loytec products (3)

LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 Firmware 7.2.4 are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration.

Packet Storm: Latest News

CUPS IPP Attributes LAN Remote Code Execution