Share
## https://sploitus.com/exploit?id=PACKETSTORM:175952
[+] CVE : CVE-2023-46386, CVE-2023-46387, CVE-2023-46388, CVE-2023-46389   
[+] Title : Multiple vulnerabilities in Loytec L-INX Automation Servers  
[+] Vendor : LOYTEC electronics GmbH  
[+] Affected Product(s) : LINX-151, Firmware 7.2.4, LINX-212, firmware 6.2.4  
[+] Affected Components : L-INX Automation Servers  
[+] Discovery Date : 01-Sep-2021  
[+] Publication date : 03-Nov-2023  
[+] Discovered by : Chizuru Toyama of TXOne networks  
  
  
[Vulnerability Description]  
  
CVE-2023-46386 : Insecure Permissions  
'registry.xml' file contains hard-coded clear text credentials for   
smtp client account. If an attacker succeeds in getting registry.xml file,   
the email account could be compromised. Password should be encrypted.  
  
CVE-2023-46387 : Improper Access Control  
'/var/lib/lgtw/dpal_config.zml' file is accessible via file download API.   
'dpal_config.wbx' which is extracted from 'dpal_config.zml' includes  
sensitive configuration information such as smtp client information.   
Authentication is required to exploit this vulnerability.  
http://<IP>:<port>/DT?filename=/var/lib/lgtw/dpal_config.zml  
  
CVE-2023-46388 : Insecure Permissions  
'dpal_config.wbx' file contains hard-coded clear text credentials for   
smtp client account. If an attacker succeeds in getting dpal_config.zml file,   
the email account could be compromised. Password should be encrypted.  
  
CVE-2023-46389 : Improper Access Control  
'/tmp/registry.xml' file is accessible via file download API.   
'registry.xml' includes device configuration information which includes  
sensitive information such as smtp client information. Authentication is  
required to exploit this vulnerability.  
http://<IP>:<port>/DT?filename=/tmp/registry.xml  
  
  
[Timeline]  
  
01-Sep-2021 : Vulnerabilities discovered  
13-Oct-2021 : Trend Micro ZDI (Zero Day Initiative) reported to vendor (no response)  
07-Oct-2022 : ICS CERT reported to vendor (no response)  
03-Nov-2023 : Public Disclosure