HIGH✓ PATCH🇬🇧 English

CVE-2023-46386

CVSS 7.5v3.1pub. 2023-11-30upd. 2024-11-21

LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Loytec Linx 151

    HW
    Loytec
    wszystkie wersje
  • Loytec Linx 151 Firmware

    OS
    Loytec
    7.2.4
  • Loytec Linx 212

    HW
    Loytec
    wszystkie wersje
  • Loytec Linx 212 Firmware

    OS
    Loytec
    6.2.4
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2023-46387HIGH7.5ten sam produkt

LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Contro...

CVE-2023-46388HIGH7.5ten sam produkt

LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions vi...

CVE-2023-46389HIGH7.5ten sam produkt

LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Contro...

CVE-2023-46380HIGH7.5ten sam produkt

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all ver...

CVE-2023-46381HIGH8.2ten sam produkt

LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all ver...