HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2023-46384

CVSS 7.5v3.1pub. 2023-11-30upd. 2025-11-04

LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Loytec L Inx Configurator

    APP
    Loytec
    7.4.10
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2023-46383HIGH7.5ten sam produkt

LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usern...

CVE-2023-46385HIGH7.5ten sam produkt

LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin crede...

CVE-2018-14916CRITICAL9.1ten sam vendor

LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.

CVE-2023-46386HIGH7.5ten sam vendor

LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions vi...

CVE-2023-46387HIGH7.5ten sam vendor

LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Contro...