Vulnerabilities > Loytec

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2023-46383 Cleartext Transmission of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10
LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration.
network
low complexity
loytec CWE-319
7.5
2023-11-30 CVE-2023-46384 Cleartext Storage of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions.
network
low complexity
loytec CWE-312
7.5
2023-11-30 CVE-2023-46385 Cleartext Transmission of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions.
network
low complexity
loytec CWE-319
7.5
2023-11-30 CVE-2023-46386 Cleartext Storage of Sensitive Information vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file.
network
low complexity
loytec CWE-312
7.5
2023-11-30 CVE-2023-46387 Unspecified vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via dpal_config.zml file.
network
low complexity
loytec
7.5
2023-11-30 CVE-2023-46388 Cleartext Storage of Sensitive Information vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via dpal_config.zml file.
network
low complexity
loytec CWE-312
7.5
2023-11-30 CVE-2023-46389 Unspecified vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via registry.xml file.
network
low complexity
loytec
7.5
2023-11-04 CVE-2023-46380 Cleartext Transmission of Sensitive Information vulnerability in Loytec products
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP.
network
low complexity
loytec CWE-319
7.5
2023-11-04 CVE-2023-46381 Missing Authentication for Critical Function vulnerability in Loytec products
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI.
network
low complexity
loytec CWE-306
8.2
2023-11-04 CVE-2023-46382 Cleartext Transmission of Sensitive Information vulnerability in Loytec products
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login.
network
low complexity
loytec CWE-319
7.5