← Back

Lvis 3me Firmware

lvis-3me_firmware

Vendor: Loytec • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-13998
1Loytec
1Lvis 3me Firmware
May 13, 2026
Oct 5, 2017
N/A· v4
7.5 HIGH· v3
6.0 MEDIUM· v2
An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not sufficiently protect sensitive information from unauthorized access.
CVE-2017-13996
1Loytec
1Lvis 3me Firmware
May 13, 2026
Oct 5, 2017
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which c...Show more
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code.Show less
CVE-2017-13994
1Loytec
1Lvis 3me Firmware
May 13, 2026
Oct 5, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web in...Show more
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web interface is tricked into clicking a malicious link.Show less
CVE-2017-13992
1Loytec
1Lvis 3me Firmware
May 13, 2026
Oct 5, 2017
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could...Show more
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution.Show less