Vulnerabilities > Loytec > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-46383 | Cleartext Transmission of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10 LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration. | 7.5 |
| 2023-11-30 | CVE-2023-46384 | Cleartext Storage of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10 LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. | 7.5 |
| 2023-11-30 | CVE-2023-46385 | Cleartext Transmission of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10 LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. | 7.5 |
| 2023-11-30 | CVE-2023-46386 | Cleartext Storage of Sensitive Information vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. | 7.5 |
| 2023-11-30 | CVE-2023-46387 | Unspecified vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via dpal_config.zml file. | 7.5 |
| 2023-11-30 | CVE-2023-46388 | Cleartext Storage of Sensitive Information vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via dpal_config.zml file. | 7.5 |
| 2023-11-30 | CVE-2023-46389 | Unspecified vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via registry.xml file. | 7.5 |
| 2023-11-04 | CVE-2023-46380 | Cleartext Transmission of Sensitive Information vulnerability in Loytec products LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP. | 7.5 |
| 2023-11-04 | CVE-2023-46381 | Missing Authentication for Critical Function vulnerability in Loytec products LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. | 8.2 |
| 2023-11-04 | CVE-2023-46382 | Cleartext Transmission of Sensitive Information vulnerability in Loytec products LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login. | 7.5 |