
CVE-2023-46386
Last Updated: November 27, 2023
Loytec Use of Hard-coded Password Authentication Bypass Vulnerability
| CVE ID | CVE-2023-46386 |
|---|---|
| Severity | High |
| Affected Vendors | LOYTEC electronics GmbH |
| Affected Products | LINX-151, Firmware 7.2.4, LINX-212, firmware 6.2.4 |
| Vulnerability Details | ‘registry.xml’ file contains hard-coded clear text credentials for smtp client account. If an attacker succeeds in getting registry.xml file, the email account could be compromised. Password should be encrypted. |
| Solutions & Rules | N/A |
| Credit | Chizuru Toyama of TXOne Networks |
Questions About This Advisory?
Our PSIRT team is here to help with security-related inquiries.
security@txone.com