LOYTEC Electronics LINX Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : LOYTEC electronics GmbH Equipment : LINX series Vulnerabilities : Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function,...

CVE-2023-46382

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions use cleartext HTTP for login...

CVE-2023-46380

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions send password-change requests via cleartext HTTP...

CVE-2023-46381

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...

PT-2023-29989 · Loytec · Liob-588 +6

Name of the Vulnerable Software and Affected Versions: LOYTEC LINX-151 affected versions not specified LOYTEC LINX-212 version 6.2.4 LOYTEC LVIS-3ME12-A1 version 6.2.2 LOYTEC LIOB-586 version 6.2.3 LOYTEC LIOB-580 V2 affected versions not specified LOYTEC LIOB-588 affected versions not specified...