Schneider-electric Spacelynk Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Schneider-electric Spacelynk Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2022-22810 — CVSS 9.8 (critical): A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to manipulate the…
CVE-2021-22738 — CVSS 9.8 (critical): Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could…
CVE-2021-22737 — CVSS 9.8 (critical): Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause…
CVE-2019-6832 — CVSS 8.3 (high): A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 -…
CVE-2022-22811 — CVSS 8.1 (high): A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could induce users to perform unintended actions, leading to the…
CVE-2021-22732 — CVSS 7.8 (high): Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code…
CVE-2021-22733 — CVSS 7.8 (high): Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access…
CVE-2018-7779 — CVSS 7.5 (high): In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP…
CVE-2020-7525 — CVSS 7.5 (high): Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX…
CVE-2021-22736 — CVSS 7.5 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and…
CVE-2021-22806 — CVSS 7.5 (high): A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when…
CVE-2021-22735 — CVSS 7.2 (high): Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could…
CVE-2021-22734 — CVSS 7.2 (high): Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could…
CVE-2021-22740 — CVSS 6.5 (medium): Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause information to be…
CVE-2022-22812 — CVSS 6.1 (medium): A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a web…
CVE-2021-22739 — CVSS 5.9 (medium): Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a device to be…
CVE-2022-22809 — CVSS 5.3 (medium): A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in…