Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knx vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-22812
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a web session compromise when an attacker injects and then executes arbitrary malicious JavaScript code inside the target browser. Affect...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
2.1
CVSSv2
CVE-2021-43575
KNX ETS6 up to and including 6.0.0 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information, a similar issue to CVE-2021-36799. NOTE: The vendor disputes this because it is not the responsibility of the ETS to...
Knx Engineering Tool Software 6 6.0.0
2.1
CVSSv2
CVE-2021-36799
KNX ETS5 up to and including 5.7.6 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev, allowing local users to read project information. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Knx Engineering Tool Software 5
1 Github repository
4.6
CVSSv2
CVE-2021-22733
Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
5
CVSSv2
CVE-2021-22736
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
4.3
CVSSv2
CVE-2021-22739
Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a device to be compromised when it is first configured.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
4.6
CVSSv2
CVE-2021-22732
Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
6.5
CVSSv2
CVE-2021-22734
Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthorized code.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
6.5
CVSSv2
CVE-2021-22735
Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
5
CVSSv2
CVE-2021-22738
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »