TXOne Networks
Hero background

CVE-2023-46388

Last Updated: November 27, 2023

Loytec Use of Hard-coded Password Authentication Bypass Vulnerability

CVE IDCVE-2023-46388
SeverityHigh
Affected VendorsLOYTEC electronics GmbH
Affected ProductsLINX-151, Firmware 7.2.4, LINX-212, firmware 6.2.4
Vulnerability Details‘dpal_config.wbx’ file contains hard-coded clear text credentials for smtp client account. If an attacker succeeds in getting dpal_config.zml file, the email account could be compromised. Password should be encrypted.
Solutions & RulesN/A
CreditChizuru Toyama of TXOne Networks

Questions About This Advisory?

Our PSIRT team is here to help with security-related inquiries.

security@txone.com