Advertisement






Automatic-Systems SOC FL9600 FastLine - password disclosure

CVE Category Price Severity
CVE-2023-37608 CWE-255 Not specified High
Author Risk Exploitation Type Date
Unknown High Remote 2023-10-17
CVSS
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023100044

Below is a copy:

Automatic-Systems SOC FL9600 FastLine - password disclosure
# Exploit Title: Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin

# Date: 12/9/2023

# Remote: yes

# Local: No

# Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure

# Vendor Homepage: http://automatic-systems.com

# CVE : CVE-2023-37608

# Version: Automatic-Systems SOC FL9600 FastLine version:V06

# Tested on: VersionSVN = 28569_8a99acbd8d7ea09a57d5fbcb435da5427b3f6b8a, DateCompil = 2019-11-20 11:22:18

---------------------------POC---------------------------

An issue in Automatic Systems SOC FL9600 FastLine version:V06 a remote attacker to obtain sensitive information via the admin login credentials.

 

The device contains hardcoded login and password for super admin. The administrator cannot change the password for this account.

 

Login: automaticsystems

Password: astech

 

---------------------------End---------------------------

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.