LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NLoytec L Inx Configurator
APPLoytec7.4.10
Related vulnerabilities
LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usern...
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext stor...
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions vi...
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Contro...