Insufficient Entropy in LOYTEC LVIS-3ME Web Interface Authentication Mechanism Allows Remote Code Execution

Insufficient Entropy in LOYTEC LVIS-3ME Web Interface Authentication Mechanism Allows Remote Code Execution

CVE-2017-13992 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution.

Learn more about our Web App Pen Testing.