CVE

CVE-2023-46383

Severity:
HIGH
Type:
CWE-319 Cleartext Transmission of Sensitive Information
Publication date:
30/11/2023
Last modified:
14/12/2023

Description

LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:loytec:l-inx_configurator:7.4.10:*:*:*:*:*:*:*


botón arriba