Insecure Permissions in LOYTEC Electronics GmbH LINX-212 and LINX-151 Firmware: Exposing SMTP Client Account Credentials and Bypassing Email Authentication

Insecure Permissions in LOYTEC Electronics GmbH LINX-212 and LINX-151 Firmware: Exposing SMTP Client Account Credentials and Bypassing Email Authentication

CVE-2023-46386 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.

Learn more about our Web Application Penetration Testing UK.