GCVE - cpe:2.3:o:loytec:linx-151_firmware:7.2.4:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:loytec:linx-151_firmware:7.2.4:*:*:*:*:*:*:*

part: o version: 7.2.4 update: *

Vendor	Loytec (`6190caa2-852a-5dba-b6c8-40e7b31c6b3d`)
Product	Linx 151 Firmware (`d027344a-fb19-5ff3-90f3-02f0999770a4`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-46389`	vulnerable	2026-06-03 14:53:10.007363	Details available LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration. Published: 2023-11-30T00:00:00.000Z Updated: 2024-09-20T16:48:00.947Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2023/Nov/7 http://packetstormsecurity.com/files/175952/Loytec-L-INX-Automation-Servers-Information-Disclosure-Cleartext-Secrets.html https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/ https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46388`	vulnerable	2026-06-03 14:53:10.007020	Details available LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via dpal_config.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication. Published: 2023-11-30T00:00:00.000Z Updated: 2024-09-20T16:46:38.362Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2023/Nov/7 http://packetstormsecurity.com/files/175952/Loytec-L-INX-Automation-Servers-Information-Disclosure-Cleartext-Secrets.html https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/ https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46387`	vulnerable	2026-06-03 14:53:10.006661	Details available LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via dpal_config.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration. Published: 2023-11-30T00:00:00.000Z Updated: 2024-11-26T19:22:17.670Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2023/Nov/7 http://packetstormsecurity.com/files/175952/Loytec-L-INX-Automation-Servers-Information-Disclosure-Cleartext-Secrets.html https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/ https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-46386`	vulnerable	2026-06-03 14:53:10.006114	Details available LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication. Published: 2023-11-30T00:00:00.000Z Updated: 2024-09-20T16:43:34.463Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2023/Nov/7 http://packetstormsecurity.com/files/175952/Loytec-L-INX-Automation-Servers-Information-Disclosure-Cleartext-Secrets.html https://www.txone.com/blog/ten-unpatched-vulnerabilities-in-building-automation-products-identified-by-txone-networks/ https://www.cisa.gov/news-events/ics-advisories/icsa-24-247-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.