Filtered by vendor Loytec Subscriptions
Filtered by product Linx-212 Firmware Subscriptions
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-46381 1 Loytec 6 Linx-212, Linx-212 Firmware, Liob-586 and 3 more 2024-11-27 8.2 High
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. An unauthenticated attacker can edit any project (or create a new project) and control its GUI.
CVE-2023-46387 1 Loytec 4 Linx-151, Linx-151 Firmware, Linx-212 and 1 more 2024-11-26 7.5 High
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via dpal_config.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration.
CVE-2023-46389 1 Loytec 4 Linx-151, Linx-151 Firmware, Linx-212 and 1 more 2024-11-21 7.5 High
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration.
CVE-2023-46388 1 Loytec 4 Linx-151, Linx-151 Firmware, Linx-212 and 1 more 2024-11-21 7.5 High
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via dpal_config.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.
CVE-2023-46386 1 Loytec 4 Linx-151, Linx-151 Firmware, Linx-212 and 1 more 2024-11-21 7.5 High
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.
CVE-2023-46382 1 Loytec 6 Linx-212, Linx-212 Firmware, Liob-586 and 3 more 2024-11-21 7.5 High
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login.
CVE-2023-46380 1 Loytec 10 L-inx Configurator, Linx-151, Linx-212 and 7 more 2024-11-21 7.5 High
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP.