Insecure Permissions in LOYTEC Electronics GmbH LINX-212 and LINX-151 Firmware: Exposing SMTP Client Account Credentials and Bypassing Email Authentication
CVE-2023-46386 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.
Learn more about our Web Application Penetration Testing UK.