Schneider-electric

Homelynk Firmware

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2021-22734

  • EPSS 0.85%
  • Veröffentlicht 26.05.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:50:33

Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthorized code.

7.2

CVE-2021-22735

  • EPSS 0.85%
  • Veröffentlicht 26.05.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:50:33

Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device.

7.5

CVE-2021-22736

  • EPSS 0.39%
  • Veröffentlicht 26.05.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:50:33

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded.

9.8

CVE-2021-22737

  • EPSS 0.3%
  • Veröffentlicht 26.05.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:50:33

Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack.

9.8

CVE-2021-22738

  • EPSS 0.18%
  • Veröffentlicht 26.05.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:50:34

Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack.

5.9

CVE-2021-22739

  • EPSS 0.32%
  • Veröffentlicht 26.05.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:50:34

Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a device to be compromised when it is first configured.

6.5

CVE-2021-22740

  • EPSS 0.33%
  • Veröffentlicht 26.05.2021 20:15:09
  • Zuletzt bearbeitet 21.11.2024 05:50:34

Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause information to be exposed when an unauthorized file is uploaded.

7.8

CVE-2021-22732

  • EPSS 0.05%
  • Veröffentlicht 26.05.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:33

Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server.

7.8

CVE-2021-22733

  • EPSS 0.12%
  • Veröffentlicht 26.05.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:50:33

Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder.

7.5

CVE-2018-7779

  • EPSS 0.39%
  • Veröffentlicht 03.07.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:12:43

In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access.