16 matches found
LOYTEC Electronics LINX Series
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : LOYTEC electronics GmbH Equipment : LINX series Vulnerabilities : Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function,...
CVE-2023-46382
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions use cleartext HTTP for login...
CVE-2023-46382
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions use cleartext HTTP for login...
CVE-2023-46381
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...
CVE-2023-46380
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions send password-change requests via cleartext HTTP...
Design/Logic Flaw
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices use cleartext HTTP for login...
Authentication flaw
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...
Design/Logic Flaw
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices send password-change requests via cleartext HTTP...
CVE-2023-46380
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions send password-change requests via cleartext HTTP...
CVE-2023-46381
CVE-2023-46381 affects LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, and L-INX Configurator devices . The vulnerability is missing authentication for the preinstalled version of LWEB-802 via the lweb802_pre/ URI , allowing an unauthenticated attacker to edit any proje...
CVE-2023-46381
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...
CVE-2023-46381
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...
CVE-2023-46380
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions send password-change requests via cleartext HTTP...
CVE-2023-46380
LOYTEC LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588 and L-INX Configurator devices (all versions) are affected by CVE-2023-46380 due to password-change requests being sent in cleartext via HTTP. This enables potential password disclosure over the network (and, per rel...
CVE-2023-46382
CVE-2023-46382 affects LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, and L-INX Configurator devices (all versions) with cleartext HTTP login. The connected ICS advisory confirms remote exploitation potential via unencrypted credentials and lists affected firmware for ...
PT-2023-29989 · Loytec · Liob-588 +6
Name of the Vulnerable Software and Affected Versions: LOYTEC LINX-151 affected versions not specified LOYTEC LINX-212 version 6.2.4 LOYTEC LVIS-3ME12-A1 version 6.2.2 LOYTEC LIOB-586 version 6.2.3 LOYTEC LIOB-580 V2 affected versions not specified LOYTEC LIOB-588 affected versions not specified...