Lucene search
K

19 matches found

OSV
OSV
added 2023/11/30 11:15 p.m.4 views

CVE-2023-46388

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via dpalconfig.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...

7.5CVSS5.8AI score0.01522EPSS
Exploits2References4
OSV
OSV
added 2023/11/30 11:15 p.m.5 views

CVE-2023-46389

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...

7.5CVSS5.7AI score0.01973EPSS
Exploits2References4
OSV
OSV
added 2023/11/30 11:15 p.m.5 views

CVE-2023-46386

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication...

7.5CVSS5.8AI score0.01573EPSS
Exploits2References4
Prion
Prion
added 2023/11/30 11:15 p.m.23 views

Remote file inclusion

LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 Firmware 7.2.4 are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration...

5CVSS6.8AI score0.01973EPSS
Exploits2References3Affected Software2
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.3 views

LOYTEC LINX-212 Security Vulnerability

The LOYTEC LINX-212 is a building controller from LOYTEC. A security vulnerability exists in the LOYTEC LINX-212 version 6.2.4 and LINX-151 version 7.2.4, which stems from a vulnerability that allows an attacker to disclose smtp client account credentials and bypass email authentication via the...

7.5CVSS6.9AI score0.01522EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2023/11/30 12:0 a.m.10 views

CVE-2023-46387

LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...

6.6AI score0.01973EPSS
Exploits2References4
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.4 views

LOYTEC LINX-212 Security Vulnerability

The LOYTEC LINX-212 is a building controller from LOYTEC. A security vulnerability exists in the LOYTEC LINX-212 version 6.2.4 and LINX-151 version 7.2.4, which stems from a vulnerability that allows an attacker to disclose sensitive information on the LINX configuration via the registry.xml file...

7.5CVSS6.3AI score0.01973EPSS
Exploits2References5
OSV
OSV
added 2023/11/04 11:15 p.m.6 views

CVE-2023-46382

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions use cleartext HTTP for login...

7.5CVSS5.8AI score0.02521EPSS
Exploits2References5
NVD
NVD
added 2023/11/04 11:15 p.m.25 views

CVE-2023-46381

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...

8.2CVSS8.5AI score0.07381EPSS
Exploits2References5
NVD
NVD
added 2023/11/04 11:15 p.m.19 views

CVE-2023-46380

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions send password-change requests via cleartext HTTP...

7.5CVSS7.7AI score0.02521EPSS
Exploits2References5
Prion
Prion
added 2023/11/04 11:15 p.m.25 views

Design/Logic Flaw

LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices use cleartext HTTP for login...

5CVSS7.4AI score0.02521EPSS
Exploits2References3Affected Software3
Prion
Prion
added 2023/11/04 11:15 p.m.13 views

Authentication flaw

LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...

6.4CVSS7.6AI score0.07381EPSS
Exploits2References3Affected Software3
Prion
Prion
added 2023/11/04 11:15 p.m.15 views

Design/Logic Flaw

LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3 devices send password-change requests via cleartext HTTP...

5CVSS7.3AI score0.02521EPSS
Exploits2References3Affected Software3
CVE
CVE
added 2023/11/04 12:0 a.m.70 views

CVE-2023-46380

LOYTEC LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588 and L-INX Configurator devices (all versions) are affected by CVE-2023-46380 due to password-change requests being sent in cleartext via HTTP. This enables potential password disclosure over the network (and, per rel...

7.5CVSS7.8AI score0.02521EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2023/11/04 12:0 a.m.29 views

CVE-2023-46381

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...

8.7AI score0.07381EPSS
Exploits2References4
CNNVD
CNNVD
added 2023/11/04 12:0 a.m.9 views

LOYTEC LINX-212 Access Control Error Vulnerability

The LOYTEC LINX-212 is a building controller from LOYTEC. An access control error vulnerability exists in the LOYTEC LINX-212 6.2.4 firmware version, which stems from a lack of authentication on the Web user interface, and can be exploited by an attacker to edit or delete current Web items, chang...

8.2CVSS6.9AI score0.07381EPSS
Exploits2References5
CNNVD
CNNVD
added 2023/11/04 12:0 a.m.8 views

LOYTEC LINX-212 Security Vulnerability

The LOYTEC LINX-212 is a building controller from LOYTEC. A security vulnerability exists in the LOYTEC LINX-212 6.2.4 firmware version that originates when a password change request is transmitted in clear text when sent on the web interface, resulting in information theft and account theft...

7.5CVSS6.7AI score0.02521EPSS
Exploits2References5
CNNVD
CNNVD
added 2023/11/04 12:0 a.m.6 views

LOYTEC LINX-212 Security Vulnerability

LOYTEC LINX-212 is a building controller from LOYTEC. A security vulnerability exists in the LOYTEC LINX-212 6.2.4 firmware version. The vulnerability stems from the fact that the Web user interface requires login credentials for critical information data, debugging, configurations, etc., but the...

7.5CVSS6.8AI score0.02521EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2023/11/04 12:0 a.m.17 views

CVE-2023-46381

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices all versions lack authentication for the preinstalled version of LWEB-802 via an lweb802pre/ URI. An unauthenticated attacker can edit any project or create a new project and control its GUI...

7.7AI score0.07381EPSS
Exploits2References4
Rows per page
Query Builder