Loytec L-INX Automation Servers, L-IOB I/O Controllers, L-VIS Touch Panels Cleartext Transmission of Sensitive Information Vulnerability



CVE ID CVE-2023-46380
Severity High
Affected Vendors LOYTEC electronics GmbH
Affected Products LINX-212 firmware 6.2.4, LVIS-3ME12-A1 firmware 6.2.2, LIOB-586 firmware 6.2.3
Vulnerability Details Password change request on the web interface on LOYTEC devices is sent in clear text over HTTP, and this allows information theft and account takeover via network sniffing.
Solutions & Rules N/A
Credit Chizuru Toyama of TXOne Networks