Insecure Permissions in LINX Configurator 7.4.10: Cleartext Storage of Credentials and Authentication Bypass

Insecure Permissions in LINX Configurator 7.4.10: Cleartext Storage of Credentials and Authentication Bypass

CVE-2023-46384 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.

Learn more about our Web Application Penetration Testing UK.