Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Spacelynk_firmware
(Schneider\-Electric)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 17 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-08-31 | CVE-2020-7525 | Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used. | Spacelynk_firmware, Wiser_for_knx_firmware | 7.5 | ||
| 2021-05-26 | CVE-2021-22732 | Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server. | Homelynk_firmware, Spacelynk_firmware | 7.8 | ||
| 2021-05-26 | CVE-2021-22733 | Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder. | Homelynk_firmware, Spacelynk_firmware | 7.8 | ||
| 2021-05-26 | CVE-2021-22734 | Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthorized code. | Homelynk_firmware, Spacelynk_firmware | 7.2 | ||
| 2021-05-26 | CVE-2021-22735 | Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device. | Homelynk_firmware, Spacelynk_firmware | 7.2 | ||
| 2021-05-26 | CVE-2021-22736 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded. | Homelynk_firmware, Spacelynk_firmware | 7.5 | ||
| 2021-05-26 | CVE-2021-22737 | Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack. | Homelynk_firmware, Spacelynk_firmware | 9.8 |