Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-46385 | 1 Loytec | 1 L-inx Configurator | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration. | |||||
CVE-2023-46384 | 1 Loytec | 1 L-inx Configurator | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device. | |||||
CVE-2023-46383 | 1 Loytec | 1 L-inx Configurator | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration. |