← Back

Loytec

loytec

18 CVEs • 18 products

Products (18)

Click to collapse
Toggle
Linx 212 Firmware
linx-212_firmware
7 CVEs
Lvis 3me Firmware
lvis-3me_firmware
4 CVEs
Linx 151 Firmware
linx-151_firmware
4 CVEs
Lgate 902 Firmware
lgate-902_firmware
3 CVEs
Lvis 3me12 A1 Firmware
lvis-3me12-a1_firmware
3 CVEs
Liob 586 Firmware
liob-586_firmware
3 CVEs
L Inx Configurator
l-inx_configurator
3 CVEs
L Switch And L Ip Firmware
l-switch_and_l-ip_firmware
1 CVE
Linx 100
linx-100
0 CVEs
Lip 3ectb
lip-3ectb
0 CVEs
Lip Me201
lip-me201
0 CVEs
Lvis 3e100
lvis-3e100
0 CVEs
Lvis 3me
lvis-3me
0 CVEs
Lgate 902
lgate-902
0 CVEs
Linx 212
linx-212
0 CVEs
Lvis 3me12 A1
lvis-3me12-a1
0 CVEs
Liob 586
liob-586
0 CVEs
Linx 151
linx-151
0 CVEs

CVEs (18)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-46389
1Loytec
2Linx 151 Firmware
Linx 212 Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX...Show more
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via registry.xml file. This vulnerability allows remote attackers to disclose sensitive information on LINX configuration.Show less
CVE-2023-46388
1Loytec
2Linx 151 Firmware
Linx 212 Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via dpal_config.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials...Show more
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via dpal_config.zml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.Show less
CVE-2023-46387
1Loytec
2Linx 151 Firmware
Linx 212 Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via dpal_config.zml file. This vulnerability allows remote attackers to disclose sensitive information on Lo...Show more
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Incorrect Access Control via dpal_config.zml file. This vulnerability allows remote attackers to disclose sensitive information on Loytec device data point configuration.Show less
CVE-2023-46386
1Loytec
2Linx 151 Firmware
Linx 212 Firmware
Nov 21, 2024
Nov 30, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials an...Show more
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client account credentials and bypass email authentication.Show less
CVE-2023-46385
1Loytec
1L Inx Configurator
Nov 4, 2025
Nov 30, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the pa...Show more
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote attackers to steal the password and gain full control of Loytec device configuration.Show less
CVE-2023-46384
1Loytec
1L Inx Configurator
Nov 4, 2025
Nov 30, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Lo...Show more
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.Show less
CVE-2023-46383
1Loytec
1L Inx Configurator
Nov 4, 2025
Nov 30, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full...Show more
LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the password and gain full control of Loytec device configuration.Show less
CVE-2023-46382
1Loytec
3Linx 212 Firmware
Liob 586 FirmwareLvis 3me12 A1 Firmware
Nov 4, 2025
Nov 4, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login.
CVE-2023-46381
1Loytec
3Linx 212 Firmware
Liob 586 FirmwareLvis 3me12 A1 Firmware
Nov 4, 2025
Nov 4, 2023
N/A· v4
8.2 HIGH· v3
N/A· v2
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. An unauthenticate...Show more
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. An unauthenticated attacker can edit any project (or create a new project) and control its GUI.Show less
CVE-2023-46380
1Loytec
3Linx 212 Firmware
Liob 586 FirmwareLvis 3me12 A1 Firmware
Nov 4, 2025
Nov 4, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP.
CVE-2018-14918
1Loytec
1Lgate 902 Firmware
Nov 21, 2024
Jun 28, 2019
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal.
CVE-2018-14916
1Loytec
1Lgate 902 Firmware
Nov 21, 2024
Jun 28, 2019
N/A· v4
9.1 CRITICAL· v3
9.4 HIGH· v2
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
CVE-2018-14919
1Loytec
1Lgate 902 Firmware
Nov 21, 2024
Jun 28, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
LOYTEC LGATE-902 6.3.2 devices allow XSS.
CVE-2017-13998
1Loytec
1Lvis 3me Firmware
May 13, 2026
Oct 5, 2017
N/A· v4
7.5 HIGH· v3
6.0 MEDIUM· v2
An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not sufficiently protect sensitive information from unauthorized access.
CVE-2017-13996
1Loytec
1Lvis 3me Firmware
May 13, 2026
Oct 5, 2017
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which c...Show more
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web user interface fails to prevent access to critical files that non administrative users should not have access to, which could allow an attacker to create or modify files or execute arbitrary code.Show less
CVE-2017-13994
1Loytec
1Lvis 3me Firmware
May 13, 2026
Oct 5, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web in...Show more
A Cross-site Scripting issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The web interface lacks proper web request validation, which could allow XSS attacks to occur if an authenticated user of the web interface is tricked into clicking a malicious link.Show less
CVE-2017-13992
1Loytec
1Lvis 3me Firmware
May 13, 2026
Oct 5, 2017
N/A· v4
8.1 HIGH· v3
6.8 MEDIUM· v2
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could...Show more
An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution.Show less
CVE-2015-7906
1Loytec
1L Switch And L Ip Firmware
May 6, 2026
Dec 21, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors.