CVE

CVE-2023-46385

Severity:
HIGH
Type:
CWE-319 Cleartext Transmission of Sensitive Information
Publication date:
30/11/2023
Last modified:
14/12/2023

Description

LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:loytec:l-inx_configurator:7.4.10:*:*:*:*:*:*:*


botón arriba