Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knx vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-7525
Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an malicious user to guess a password when brute force is used.
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
9.8
CVSSv3
CVE-2021-22738
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
8.8
CVSSv3
CVE-2023-25556
A CWE-287: Improper Authentication vulnerability exists that could allow a device to be compromised when a key of less than seven digits is entered and the attacker has access to the KNX installation.
Schneider-electric Merten Instabus Tastermodul 1fach System M Firmware 1.0
Schneider-electric Merten Instabus Tastermodul 2fach System M Firmware 1.0
Schneider-electric Merten Tasterschnittstelle 4fach Plus Firmware 1.0
Schneider-electric Merten Tasterschnittstelle 4fach Plus Firmware 1.2
Schneider-electric Merten Knx Argus 180\\/2\\,20m Up System Firmware 1.0
Schneider-electric Merten Jalousie-\\/schaltaktor Reg-k\\/8x\\/16x\\/10 M. Hb Firmware 1.0
Schneider-electric Merten Knx Uni-dimmaktor Ll Reg-k\\/2x230\\/300 W Firmware 1.0
Schneider-electric Merten Knx Uni-dimmaktor Ll Reg-k\\/2x230\\/300 W Firmware 1.1
Schneider-electric Merten Knx Schaltakt.2x6a Up M.2 Eing. Firmware 0.1
7.5
CVSSv3
CVE-2021-22736
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded.
Schneider-electric Spacelynk Firmware
Schneider-electric Homelynk Firmware
8.3
CVSSv3
CVE-2019-6832
A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions prior to 2.4.0) and Wiser for KNX (all versions prior to 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication.
Schneider-electric Wiser For Knx Firmware
Schneider-electric Spacelynk Firmware
7.5
CVSSv3
CVE-2021-22806
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), Wiser for KNX (V2.6.1 and prior), fellerLYnk (V2.6.1 and prio...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
9.8
CVSSv3
CVE-2022-22810
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an malicious user to manipulate the admin after numerous attempts at guessing credentials. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) ...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
5.3
CVSSv3
CVE-2022-22809
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser fo...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
7.5
CVSSv3
CVE-2021-37740
A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote malicious user to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until t...
Mdt Scn-ip000.03 Firmware
Mdt Scn-ip100.03 Firmware
1 Github repository
8.1
CVSSv3
CVE-2022-22811
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could induce users to perform unintended actions, leading to the override of the system?s configurations when an attacker persuades a user to visit a rogue website. Affected Product: spaceLYnk (V2.6.2 and prio...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »