Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knx vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-4346
KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. The BCU key feature on the devices can be used to create a password for the ...
Knx Connection Authorization -
6.1
CVSSv3
CVE-2023-33276
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the suppl...
Gira Knx Ip Router Firmware 3.1.3683.0
Gira Knx Ip Router Firmware 3.3.8.0
7.5
CVSSv3
CVE-2023-33277
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote malicious user to read sensitive files via directory-traversal sequences in the URL.
Gira Knx Ip Router Firmware 3.1.3683.0
Gira Knx Ip Router Firmware 3.3.8.0
8.8
CVSSv3
CVE-2023-25556
A CWE-287: Improper Authentication vulnerability exists that could allow a device to be compromised when a key of less than seven digits is entered and the attacker has access to the KNX installation.
Schneider-electric Merten Instabus Tastermodul 1fach System M Firmware 1.0
Schneider-electric Merten Instabus Tastermodul 2fach System M Firmware 1.0
Schneider-electric Merten Tasterschnittstelle 4fach Plus Firmware 1.0
Schneider-electric Merten Tasterschnittstelle 4fach Plus Firmware 1.2
Schneider-electric Merten Knx Argus 180\\/2\\,20m Up System Firmware 1.0
Schneider-electric Merten Jalousie-\\/schaltaktor Reg-k\\/8x\\/16x\\/10 M. Hb Firmware 1.0
Schneider-electric Merten Knx Uni-dimmaktor Ll Reg-k\\/2x230\\/300 W Firmware 1.0
Schneider-electric Merten Knx Uni-dimmaktor Ll Reg-k\\/2x230\\/300 W Firmware 1.1
Schneider-electric Merten Knx Schaltakt.2x6a Up M.2 Eing. Firmware 0.1
7.8
CVSSv3
CVE-2017-20084
A vulnerability has been found in JUNG Smart Visu Server 1.0.804/1.0.830/1.0.832 and classified as critical. Affected by this vulnerability is an unknown functionality of the component KNX Group Address. The manipulation leads to backdoor. Local access is required to approach thi...
Jung-group Smart Visu Server Firmware 1.0.804
Jung-group Smart Visu Server Firmware 1.0.830
Jung-group Smart Visu Server Firmware 1.0.832
7.5
CVSSv3
CVE-2021-37740
A denial of service vulnerability exists in MDT's firmware for the KNXnet/IP Secure router SCN-IP100.03 and KNX IP interface SCN-IP000.03 before v3.0.4, that allows a remote malicious user to turn the device unresponsive to all requests on the KNXnet/IP Secure layer, until t...
Mdt Scn-ip000.03 Firmware
Mdt Scn-ip100.03 Firmware
1 Github repository
7.5
CVSSv3
CVE-2021-22806
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), Wiser for KNX (V2.6.1 and prior), fellerLYnk (V2.6.1 and prio...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
5.3
CVSSv3
CVE-2022-22809
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser fo...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
9.8
CVSSv3
CVE-2022-22810
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an malicious user to manipulate the admin after numerous attempts at guessing credentials. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) ...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
8.1
CVSSv3
CVE-2022-22811
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could induce users to perform unintended actions, leading to the override of the system?s configurations when an attacker persuades a user to visit a rogue website. Affected Product: spaceLYnk (V2.6.2 and prio...
Schneider-electric Spacelynk Firmware
Schneider-electric Wiser For Knx Firmware
Schneider-electric Fellerlynk Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »