Vulnerabilities > Loytec > Liob 586 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-04 CVE-2023-46380 Cleartext Transmission of Sensitive Information vulnerability in Loytec products
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP.
network
low complexity
loytec CWE-319
7.5
7.5
2023-11-04 CVE-2023-46381 Missing Authentication for Critical Function vulnerability in Loytec products
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI.
network
low complexity
loytec CWE-306
8.2
8.2
2023-11-04 CVE-2023-46382 Cleartext Transmission of Sensitive Information vulnerability in Loytec products
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login.
network
low complexity
loytec CWE-319
7.5
7.5