Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-46389 | 1 Loytec | 4 Linx-151, Linx-151 Firmware, Linx-212 and 1 more | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 Firmware 7.2.4 are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration. | |||||
CVE-2023-46388 | 1 Loytec | 4 Linx-151, Linx-151 Firmware, Linx-212 and 1 more | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC electronics GmbH LINX-212 6.2.4 and LINX-151 7.2.4 are vulnerable to Insecure Permissions via dpal_config.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication. | |||||
CVE-2023-46387 | 1 Loytec | 4 Linx-151, Linx-151 Firmware, Linx-212 and 1 more | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Incorrect Access Control via dpal_config.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration. | |||||
CVE-2023-46386 | 1 Loytec | 4 Linx-151, Linx-151 Firmware, Linx-212 and 1 more | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication. | |||||
CVE-2023-46382 | 1 Loytec | 6 Linx-212, Linx-212 Firmware, Liob-586 and 3 more | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices use cleartext HTTP for login. | |||||
CVE-2023-46381 | 1 Loytec | 6 Linx-212, Linx-212 Firmware, Liob-586 and 3 more | 2023-12-14 | N/A | 8.2 HIGH |
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. An unauthenticated attacker can edit any project (or create a new project) and control its GUI. | |||||
CVE-2023-46380 | 1 Loytec | 6 Linx-212, Linx-212 Firmware, Liob-586 and 3 more | 2023-12-14 | N/A | 7.5 HIGH |
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices send password-change requests via cleartext HTTP. |