31 matches found
LOYTEC Electronics LINX Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : LOYTEC electronics GmbH Equipment : LINX series Vulnerabilities : Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function,...
CVE-2023-46388
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...
CVE-2023-46389
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...
CVE-2023-46388
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...
CVE-2023-46387
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...
CVE-2023-46388
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...
CVE-2023-46386
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...
CVE-2023-46389
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...
CVE-2023-46387
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...
Design/Logic Flaw
LOYTEC electronics GmbH LINX-212 6.2.4 and LINX-151 7.2.4 are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...
Design/Logic Flaw
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...
Authentication flaw
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...
Remote file inclusion
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 Firmware 7.2.4 are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...
CVE-2023-46388
LOYTEC LINX-212 and LINX-151 devices (all versions) are affected by CVE-2023-46388 due to Insecure Permissions via dpal_config.zml, enabling remote disclosure of SMTP client credentials and bypass of email authentication. The issue is tracked across multiple sources (including Red Hat and CISA IC...
PT-2023-29996 · Linx-212 +1 · Linx-212 +1
Name of the Vulnerable Software and Affected Versions: LINX-212 and LINX-151 devices all versions Description: The issue is related to Incorrect Access Control via the dpal config.zml file, allowing remote attackers to disclose sensitive information on device data point configuration...
LOYTEC LINX-212 Security Vulnerability
The LOYTEC LINX-212 is a building controller from LOYTEC. A security vulnerability exists in the LOYTEC LINX-212 version 6.2.4 and LINX-151 version 7.2.4, which stems from a vulnerability that allows an attacker to disclose sensitive information on the LINX configuration via the registry.xml file...
CVE-2023-46389
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...
PT-2023-29997 · Loytec Electronics Gmbh · Linx-151 +1
Name of the Vulnerable Software and Affected Versions: LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions Description: The issue allows remote attackers to disclose smtp client account credentials and bypass email authentication due to insecure permissions via the dpal config.zml...
PT-2023-29998 · Loytec Electronics Gmbh · Linx-151 +1
Name of the Vulnerable Software and Affected Versions: LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions Description: The issue is related to Incorrect Access Control via the registry.xml file, allowing remote attackers to disclose sensitive information on LINX configuration...
CVE-2023-46387
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...