cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-22806,https://securityvulnerability.io/vulnerability/CVE-2021-22806,Incorrect Resource Transfer Vulnerability in Schneider Electric Products,"A vulnerability exists in Schneider Electric products that allows for potential data exfiltration and unauthorized access through malicious websites. This risk primarily affects versions V2.6.1 and earlier of spaceLYnk, Wiser for KNX, and fellerLYnk. Users should be aware of the implications of accessing untrusted websites, as it could lead to compromised security and breach of confidential information.",Schneider Electric,"Spacelynk (v2.6.1 And Prior), Wiser For Knx (v2.6.1 And Prior), Fellerlynk (v2.6.1 And Prior)",7.5,HIGH,0.0024900001008063555,false,,false,false,false,,,false,false,,2022-02-11T17:40:34.000Z,0
CVE-2022-22812,https://securityvulnerability.io/vulnerability/CVE-2022-22812,Cross-Site Scripting Vulnerability in Schneider Electric SpaceLYnk and Wiser for KNX,"A Cross-Site Scripting (XSS) vulnerability exists in Schneider Electric's spaceLYnk, Wiser for KNX, and fellerLYnk products, allowing attackers to inject arbitrary JavaScript code. This vulnerability can enable unauthorized access to web sessions, compromising sensitive information and user interactions in affected versions (V2.6.2 and prior). It is crucial for users of these products to implement security measures to mitigate risks associated with this vulnerability.",Schneider Electric,"Spacelynk (v2.6.2 And Prior), Wiser For Knx (formerly Homelynk) (v2.6.2 And Prior), Fellerlynk (v2.6.2 And Prior)",6.1,MEDIUM,0.0007800000021234155,false,,false,false,false,,,false,false,,2022-02-09T22:05:09.000Z,0
CVE-2022-22811,https://securityvulnerability.io/vulnerability/CVE-2022-22811,Cross-Site Request Forgery in Schneider Electric SpaceLYnk and Wiser for KNX,"A Cross-Site Request Forgery (CSRF) vulnerability in Schneider Electric's spaceLYnk, Wiser for KNX, and fellerLYnk products allows malicious actors to trick users into executing unintended commands. By luring users to a fraudulent website, an attacker could manipulate configurations and settings without direct interaction with the systems, leading to potential system misconfigurations and security lapses.",Schneider Electric,"Spacelynk (v2.6.2 And Prior), Wiser For Knx (formerly Homelynk) (v2.6.2 And Prior), Fellerlynk (v2.6.2 And Prior)",8.1,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2022-02-09T22:05:08.000Z,0
CVE-2022-22810,https://securityvulnerability.io/vulnerability/CVE-2022-22810,Improper Restriction of Authentication Attempts in spaceLYnk and Wiser for KNX by Schneider Electric,"The vulnerability in Schneider Electric's spaceLYnk and Wiser for KNX products allows an attacker to perform excessive authentication attempts, potentially granting unauthorized access. This flaw arises from inadequate restrictions on the number of login attempts, which could be exploited to manipulate admin accounts. Affected versions include spaceLYnk, Wiser for KNX, and fellerLYnk, all up to version 2.6.2.",Schneider Electric,"Spacelynk (v2.6.2 And Prior), Wiser For Knx (formerly Homelynk) (v2.6.2 And Prior), Fellerlynk (v2.6.2 And Prior)",9.8,CRITICAL,0.002899999963119626,false,,false,false,false,,,false,false,,2022-02-09T22:05:07.000Z,0
CVE-2022-22809,https://securityvulnerability.io/vulnerability/CVE-2022-22809,Missing Authentication Vulnerability in Schneider Electric's spaceLYnk and Wiser for KNX,"A vulnerability exists in Schneider Electric's products where the lack of authentication allows unauthorized users to modify sensitive touch configurations. This security flaw poses a risk to the integrity of device settings in spaceLYnk, Wiser for KNX, and fellerLYnk prior to version 2.6.2. An attacker exploiting this vulnerability could potentially alter configurations without appropriate credentials, compromising the security framework of these systems.",Schneider Electric,"Spacelynk (v2.6.2 And Prior), Wiser For Knx (formerly Homelynk) (v2.6.2 And Prior), Fellerlynk (v2.6.2 And Prior)",5.3,MEDIUM,0.0008399999933317304,false,,false,false,false,,,false,false,,2022-02-09T00:00:00.000Z,0
CVE-2021-22740,https://securityvulnerability.io/vulnerability/CVE-2021-22740,Information Exposure Vulnerability in Wiser For KNX and spaceLYnk by Schneider Electric,"An information exposure vulnerability exists in Schneider Electric's Wiser For KNX and spaceLYnk products, which may allow an unauthorized upload of files. This susceptibility can result in sensitive information being disclosed, potentially compromising the security of affected systems. It is crucial for users to be aware of this issue and implement appropriate mitigations to safeguard their environments.",Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,6.5,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2021-05-26T19:20:07.000Z,0
CVE-2021-22739,https://securityvulnerability.io/vulnerability/CVE-2021-22739,Information Exposure Vulnerability in homeLYnk and spaceLYnk Products by Schneider Electric,"An information exposure vulnerability has been identified in Schneider Electric's homeLYnk (Wiser For KNX) and spaceLYnk devices. This issue can potentially allow unauthorized access to sensitive information during the initial configuration of these devices, posing a risk of compromise if not adequately addressed. Users of affected versions should apply the necessary updates to mitigate this vulnerability.",Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,5.9,MEDIUM,0.0016799999866634607,false,,false,false,false,,,false,false,,2021-05-26T19:20:03.000Z,0
CVE-2021-22738,https://securityvulnerability.io/vulnerability/CVE-2021-22738,Cryptographic Algorithm Flaw in homeLYnk and spaceLYnk Products by Schneider Electric,"A vulnerability exists in Schneider Electric's homeLYnk (Wiser For KNX) and spaceLYnk products that allows attackers to exploit weaknesses in cryptographic algorithms. This flaw can potentially lead to unauthorized access when user credentials are exposed as a result of brute force attempts. Affected versions include spaceLYnk V2.60 and earlier, highlighting the importance of updates and robust security practices to mitigate potential breaches.",Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2021-05-26T19:19:59.000Z,0
CVE-2021-22736,https://securityvulnerability.io/vulnerability/CVE-2021-22736,Path Traversal Vulnerability in homeLYnk and spaceLYnk by Schneider Electric,"A path traversal vulnerability exists in Schneider Electric's homeLYnk (Wiser For KNX) and spaceLYnk systems, allowing unauthorized users to upload files. This improper limitation of a pathname to a restricted directory could lead to a denial of service, potentially compromising the availability of the affected systems. It is crucial for users of these products to ensure they are running the latest versions and apply any necessary patches to mitigate the risk associated with this vulnerability.",Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,7.5,HIGH,0.001019999966956675,false,,false,false,false,,,false,false,,2021-05-26T19:19:49.000Z,0
CVE-2021-22735,https://securityvulnerability.io/vulnerability/CVE-2021-22735,Cryptographic Signature Flaw in Schneider Electric's Wiser For KNX and spaceLYnk,An improper verification of cryptographic signature vulnerability exists in Schneider Electric's Wiser For KNX and spaceLYnk products. This flaw could enable attackers to execute unauthorized code remotely if they manage to copy malicious scripts or applications onto the affected devices. The impact of this vulnerability underscores the importance of robust signature verification mechanisms in safeguarding against potential exploits.,Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,7.2,HIGH,0.0034600000362843275,false,,false,false,false,,,false,false,,2021-05-26T19:19:43.000Z,0
CVE-2021-22734,https://securityvulnerability.io/vulnerability/CVE-2021-22734,Remote Code Execution Risk in Schneider Electric's homeLYnk and spaceLYnk Products,"An improper verification vulnerability exists in Schneider Electric’s homeLYnk (Wiser For KNX) and spaceLYnk products. This flaw allows an attacker to execute unauthorized code remotely, posing significant security risks to users. Affected versions include spaceLYnk V2.60 and earlier.",Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,7.2,HIGH,0.0034600000362843275,false,,false,false,false,,,false,false,,2021-05-26T19:19:38.000Z,0
CVE-2021-22733,https://securityvulnerability.io/vulnerability/CVE-2021-22733,Improper Privilege Management in Wiser For KNX and spaceLYnk by Schneider Electric,"The vulnerability found in Wiser For KNX and spaceLYnk allows unauthorized code to be executed, potentially granting attackers shell access. This risk arises from improper privilege management within the system, which permits loading malicious scripts into the system folder. Users of these products are advised to implement security measures to mitigate this risk and ensure their systems are protected from exploitation.",Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2021-05-26T19:19:33.000Z,0
CVE-2021-22732,https://securityvulnerability.io/vulnerability/CVE-2021-22732,Improper Privilege Management in Schneider Electric's homeLYnk and spaceLYnk Products,"An improper privilege management flaw has been identified in Schneider Electric's homeLYnk and spaceLYnk systems. This vulnerability allows attackers to potentially execute unauthorized code on the web server, compromising the integrity and security of the affected products. Users of homeLYnk and spaceLYnk versions prior to V2.60 should apply the latest patches to mitigate the risk of exploitation.",Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,7.8,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2021-05-26T19:19:28.000Z,0
CVE-2021-22737,https://securityvulnerability.io/vulnerability/CVE-2021-22737,Insufficiently Protected Credentials Vulnerability in HomeLYnk and spaceLYnk by Schneider Electric,"A vulnerability in HomeLYnk (Wiser For KNX) and spaceLYnk versions up to V2.60 allows attackers to gain unauthorized access due to insufficient protection of credentials. This could be exploited through brute force attack techniques, resulting in potential security breaches. Users are advised to implement stronger security measures and keep their software updated to mitigate such risks.",Schneider Electric,Homelynk (wiser For Knx) And Spacelynk V2.60 And Prior,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2021-05-26T00:00:00.000Z,0
CVE-2020-7525,https://securityvulnerability.io/vulnerability/CVE-2020-7525,Brute Force Vulnerability in SpaceLYnk and Wiser for KNX by Schneider Electric,"An improper restriction of excessive authentication attempts vulnerability affects all hardware versions of SpaceLYnk and Wiser for KNX. This flaw can be exploited by attackers using brute force techniques to guess user passwords, potentially compromising the security and integrity of the systems. Organizations using these products should implement additional security measures to safeguard against unauthorized access, such as account lockout policies and rate limiting. For further guidance, refer to Schneider Electric's security advisory.",Schneider Electric,All Hardware Versions Of Spacelynk And Wiser For Knx (formerly Homelynk),7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2020-08-31T16:12:54.000Z,0
CVE-2019-6832,https://securityvulnerability.io/vulnerability/CVE-2019-6832,Authentication Flaw in spaceLYnk and Wiser for KNX Products by Schneider Electric,"An authentication vulnerability in spaceLYnk and Wiser for KNX can allow an attacker to bypass authentication controls, leading to potential unauthorized access and loss of control over the affected systems. It is critical for users of these products to upgrade to versions 2.4.0 or later to mitigate this risk.",Schneider Electric,"Spacelynk,Wiser For Knx",8.3,HIGH,0.0017099999822676182,false,,false,false,false,,,false,false,,2019-09-17T19:31:14.000Z,0
CVE-2018-7779,https://securityvulnerability.io/vulnerability/CVE-2018-7779,,"In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access.",Schneider Electric,Wiser For Knx,7.5,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2018-04-19T00:00:00.000Z,0