CVE-2023-53739 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that allows remote attackers to download configuration backup files co…
Critical CVSS: 9.9

CVE-2023-53739

Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that allows remote attackers to download configuration backup files containing sensitive credentials. Attackers can retrieve the lk3_settings.bin file and extract base64-encoded user and admin passwords without authentication.
Vendor
-
Product
-
CWE
CWE-260
Yayın Tarihi
2025-12-09 21:15:51
Güncelleme
2025-12-12 15:19:07
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-260 CRITICAL 2025

Referanslar

https://www.exploit-db.com/exploits/51731 https://www.tinycontrol.pl https://www.vulncheck.com/advisories/tinycontrol-lan-controller-v3-lk3-unauthenticated-configuration-backup-disclosure https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5786.php