LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NLoytec L Inx Configurator
APPLoytec7.4.10
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References
Related vulnerabilities
CVE-2023-46383HIGH7.5ten sam produkt
LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usern...
CVE-2023-46385HIGH7.5ten sam produkt
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin crede...
CVE-2018-14916CRITICAL9.1ten sam vendor
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
CVE-2023-46386HIGH7.5ten sam vendor
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions vi...
CVE-2023-46387HIGH7.5ten sam vendor
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Contro...