LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.
References
Configurations
History
20 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | (en) LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device. |
14 Dec 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
06 Dec 2023, 18:47
Type | Values Removed | Values Added |
---|---|---|
First Time |
Loytec
Loytec l-inx Configurator |
|
CPE | cpe:2.3:a:loytec:l-inx_configurator:7.4.10:*:*:*:*:*:*:* | |
CWE | CWE-312 | |
References | () https://seclists.org/fulldisclosure/2023/Nov/6 - Mailing List, Third Party Advisory | |
References | () https://packetstormsecurity.com/files/175951/Loytec-LINX-Configurator-7.4.10-Insecure-Transit-Cleartext-Secrets.html - Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
30 Nov 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-30 23:15
Updated : 2024-09-20 17:15
NVD link : CVE-2023-46384
Mitre link : CVE-2023-46384
CVE.ORG link : CVE-2023-46384
JSON object : View
Products Affected
loytec
- l-inx_configurator
CWE
CWE-312
Cleartext Storage of Sensitive Information