CVE-2023-46386
Severity:
HIGH
Type:
CWE-312
Cleartext Storage of Sensitive Information
Publication date:
30/11/2023
Last modified:
14/12/2023
Description
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:loytec:linx-212_firmware:6.2.4:*:*:*:*:*:*:* | ||
cpe:2.3:h:loytec:linx-212:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:loytec:linx-151_firmware:7.2.4:*:*:*:*:*:*:* | ||
cpe:2.3:h:loytec:linx-151:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page