VYPR

LINX Configurator

by Loytec

CVEs (4)

  • CVE-2023-46385Nov 30, 2023
    risk 0.00cvss epss 0.01

    LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration.

  • CVE-2023-46383Nov 30, 2023
    risk 0.00cvss epss 0.01

    LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration.

  • CVE-2023-46384Nov 30, 2023
    risk 0.00cvss epss 0.02

    LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.

  • CVE-2023-46382Nov 4, 2023
    risk 0.00cvss epss 0.03

    LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login.