Loytec LINX Configurator 7.4.10 Vulnerability: Cleartext Transmission of Credentials

Loytec LINX Configurator 7.4.10 Vulnerability: Cleartext Transmission of Credentials

CVE-2023-46383 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration.

Learn more about our User Device Pen Test.