6 matches found
CVE-2018-14916
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion...
CVE-2018-14919
LOYTEC LGATE-902 6.3.2 devices allow XSS...
CVE-2023-46385
LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration...
CVE-2023-46387
LOYTEC electronics GmbH LINX-212 and LINX-151 devices all versions are vulnerable to Incorrect Access Control via dpalconfig.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration...
Authentication flaw
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device...
CVE-2023-46385
LOYTEC electronics GmbH LINX Configurator all versions is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration...