Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knx vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-33276
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the suppl...
Gira Knx Ip Router Firmware 3.1.3683.0
Gira Knx Ip Router Firmware 3.3.8.0
7.5
CVSSv3
CVE-2023-33277
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote malicious user to read sensitive files via directory-traversal sequences in the URL.
Gira Knx Ip Router Firmware 3.1.3683.0
Gira Knx Ip Router Firmware 3.3.8.0
7.5
CVSSv3
CVE-2023-4346
KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. The BCU key feature on the devices can be used to create a password for the ...
Knx Connection Authorization -
9.8
CVSSv3
CVE-2015-8299
Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote malicious users to execute arbitrary code via a crafted KNXnet/IP UDP packet.
Knx Ets 4.1.5
1 Github repository
8.8
CVSSv3
CVE-2021-36799
KNX ETS5 up to and including 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Knx Engineering Tool Software 5
1 Github repository
5.5
CVSSv3
CVE-2021-43575
KNX ETS6 up to and including 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to...
Knx Engineering Tool Software 6 6.0.0
7.5
CVSSv3
CVE-2019-19643
ise smart connect KNX Vaillant 1.2.839 contain a Denial of Service.
Ise Smart Connect Knx Vaillant 1.2.839
7.5
CVSSv3
CVE-2020-7525
Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an malicious user to guess a password when brute force is used.
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
8.3
CVSSv3
CVE-2019-6832
A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions prior to 2.4.0) and Wiser for KNX (all versions prior to 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication.
Schneider-electric Wiser For Knx Firmware
Schneider-electric Spacelynk Firmware
5.3
CVSSv3
CVE-2022-22809
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser fo...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »