21 matches found
CVE-2023-46383
LOYTEC electronics GmbH LINX Configurator all versions uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration...
CVE-2023-46385
LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration...
CVE-2023-46384
LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device...
CVE-2023-46383
LOYTEC electronics GmbH LINX Configurator all versions uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration...
CVE-2023-46384
LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device...
Design/Logic Flaw
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration...
Design/Logic Flaw
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration...
CVE-2023-46384
LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device...
PT-2023-29993 · Loytec Electronics Gmbh · Linx Configurator
Name of the Vulnerable Software and Affected Versions: LOYTEC electronics GmbH LINX Configurator all versions Description: The issue concerns insecure permissions in the LINX Configurator, where credentials are stored in cleartext. This allows remote attackers to disclose the admin password and...
CVE-2023-46383
The CVE-2023-46383 entry concerns LOYTEC LINX Configurator (all versions). The underlying issue is HTTP Basic Authentication transmitting credentials in base64-encoded cleartext, enabling remote attackers to steal admin passwords and gain full control of Loytec device configuration. Affected prod...
PT-2023-29994 · Loytec Electronics Gmbh · Linx Configurator
Name of the Vulnerable Software and Affected Versions: LOYTEC electronics GmbH LINX Configurator all versions Description: The issue concerns insecure permissions where an admin credential is passed as a value of URL parameters without encryption. This allows remote attackers to steal the passwor...
LOYTEC electronics GmbH LINX Configurator Security Breach
LOYTEC electronics GmbH LINX Configurator is a tool from the Austrian company LOYTEC electronics GmbH for configuring and managing devices on its LINX platform. A security vulnerability exists in LOYTEC electronics GmbH LINX Configurator version 7.4.10 that stems from the use of clear text to...
PT-2023-29992 · Loytec Electronics Gmbh · Linx Configurator
Name of the Vulnerable Software and Affected Versions: LOYTEC electronics GmbH LINX Configurator all versions Description: The issue concerns the use of HTTP Basic Authentication in the LINX Configurator, which transmits usernames and passwords in base64-encoded cleartext. This allows remote...
CVE-2023-46384
CVE-2023-46384 affects LOYTEC electronics LINX Configurator (v7.4.10; and LINX-related components) with insecure permissions that allow cleartext credential storage, enabling remote disclosure of the admin password and bypass of authentication to log in to Loytec devices. Technical details from c...
CVE-2023-46385
CVE-2023-46385 affects LOYTEC electronics LINX Configurator (all versions). The vulnerability is caused by insecure permissions: an admin credential is passed as a value in URL parameters without encryption, enabling remote attackers to steal the password and gain full control of Loytec device co...
LOYTEC electronics GmbH LINX Configurator Security Breach
LOYTEC electronics GmbH LINX Configurator is a tool from the Austrian company LOYTEC electronics GmbH for configuring and managing devices on its LINX platform. A security vulnerability in LOYTEC electronics GmbH LINX Configurator version 7.4.10, which stems from the failure to encrypt the...
LOYTEC electronics GmbH LINX Configurator Security Breach
LOYTEC electronics GmbH LINX Configurator is a tool from the Austrian company LOYTEC electronics GmbH for configuring and managing devices on its LINX platform. A security vulnerability in LOYTEC electronics GmbH LINX Configurator version 7.4.10, which stems from the use of base64-encoded clearte...
Loytec LINX Configurator 7.4.10 Insecure Transit / Cleartext Secrets Vulnerability
CVE : CVE-2023-46383, CVE-2023-46384, CVE-2023-46385 + Title : Multiple vulnerabilities in Loytec LINX Configurator + Vendor : LOYTEC electronics GmbH + Affected Products : LINX Configurator 7.4.10 + Affected Components : LINX Configurator + Discovery Date : 01-Sep-2021 + Publication date :...
Loytec LINX Configurator 7.4.10 Insecure Transit / Cleartext Secrets
CVE : CVE-2023-46383, CVE-2023-46384, CVE-2023-46385 + Title : Multiple vulnerabilities in Loytec LINX Configurator + Vendor : LOYTEC electronics GmbH + Affected Products : LINX Configurator 7.4.10 + Affected Components : LINX Configurator + Discovery Date : 01-Sep-2021 + Publication date :...
CVE-2023-46382
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions use cleartext HTTP for login...