CVE-2023-46386

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 30, 2023

Updated: Dec 14, 2023

CWE ID 312

Summary

CVE-2023-46386 is a vulnerability affecting LOYTEC electronics GmbH LINX-212 firmware version 6.2.4 and LINX-151 firmware version 7.2.4. This issue involves insecure permissions on the registry.xml file, which can be exploited by remote attackers. By taking advantage of this vulnerability, they can disclose SMTP client account credentials and bypass email authentication, posing a significant risk to system security. It is advised that users update their firmware to the latest version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tGpFeq
https://www.cve.org/CVERecord?id=CVE-2023-46386
https://nvd.nist.gov/vuln/detail/CVE-2023-46386

Back to Vulnerability Database

CVE-2023-46386

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations