CVE-2023-53739

Sažetak

Tinycontrol LAN Controller v3 LK3 version 1.58a contains an unauthenticated vulnerability that allows remote attackers to download configuration backup files containing sensitive credentials. Attackers can retrieve the lk3_settings.bin file and extract base64-encoded user and admin passwords without authentication.

Reference

https://www.exploit-db.com/exploits/51731
https://www.tinycontrol.pl
https://www.vulncheck.com/advisories/tinycontrol-lan-controller-v3-lk3-unauthenticated-configuration-backup-disclosure
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5786.php

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

12-12-2025 - 15:19

Objavljeno

09-12-2025 - 21:15