CQURE Team

2 exploits Active since Jan 2024
CVE-2023-37607 WRITEUP HIGH WRITEUP
Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 - Path Traversal via csvServer.php dir Parameter
Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter.
CVSS 7.5
CVE-2023-37608 WRITEUP HIGH WORKING POC
Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 - Use of Hard-coded Credentials
An issue in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information because there is an automaticsystems super admin account with astech as its hardcoded password.
CVSS 7.5