Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
schneider-electric wiser for knx firmware vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-22806
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), Wiser for KNX (V2.6.1 and prior), fellerLYnk (V2.6.1 and prio...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
5.3
CVSSv3
CVE-2022-22809
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser fo...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
9.8
CVSSv3
CVE-2022-22810
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an malicious user to manipulate the admin after numerous attempts at guessing credentials. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) ...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
8.1
CVSSv3
CVE-2022-22811
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could induce users to perform unintended actions, leading to the override of the system?s configurations when an attacker persuades a user to visit a rogue website. Affected Product: spaceLYnk (V2.6.2 and prio...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
6.1
CVSSv3
CVE-2022-22812
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a web session compromise when an attacker injects and then executes arbitrary malicious JavaScript code inside the target browser. Affect...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
7.8
CVSSv3
CVE-2021-22732
Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
7.8
CVSSv3
CVE-2021-22733
Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
7.2
CVSSv3
CVE-2021-22735
Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
9.8
CVSSv3
CVE-2021-22737
Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
7.2
CVSSv3
CVE-2021-22734
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthorized code.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »