HIGH✓ PATCH🇬🇧 English

CVE-2023-46384

CVSS 7.5v3.1pub. 2023-11-30upd. 2025-11-04

LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Loytec L Inx Configurator

    APP
    Loytec
    7.4.10
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2023-46383HIGH7.5ten sam produkt

LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usern...

CVE-2023-46385HIGH7.5ten sam produkt

LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin crede...

CVE-2018-14916CRITICAL9.1ten sam vendor

LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.

CVE-2023-46386HIGH7.5ten sam vendor

LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions vi...

CVE-2023-46387HIGH7.5ten sam vendor

LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Contro...

CVE-2023-46384 — HIGH 7.5 | CVEbaza.pl