Mike Jankowski-Lorek - Security Researcher - Exploit Intelligence Platform

CVE-2023-37607 WRITEUP HIGH WRITEUP

Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 - Path Traversal via csvServer.php dir Parameter

Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter.

CVSS 7.5

View Code

CVE-2023-37608 WRITEUP HIGH WORKING POC

Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 - Use of Hard-coded Credentials

An issue in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information because there is an automaticsystems super admin account with astech as its hardcoded password.

CVSS 7.5

View Code

EIP-2026-105317 EXPLOITDB text WORKING POC

Automatic-Systems SOC FL9600 FastLine - Directory Transversal

View Code

EIP-2026-105318 EXPLOITDB text WRITEUP

Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin

View Code