cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-30236,https://securityvulnerability.io/vulnerability/CVE-2022-30236,Cross-Domain Access Vulnerability in Wiser Smart Products by Schneider Electric,"A security vulnerability in Schneider Electric's Wiser Smart products allows attackers to exploit cross-domain access mechanisms. This could enable unauthorized access to sensitive resources, highlighting a critical need for improved resource management and security measures in the affected versions (V4.5 and prior) of EER21000 and EER21001 devices.",Schneider Electric,Wiser Smart,8.2,HIGH,0.0016799999866634607,false,,false,false,false,,,false,false,,2022-06-02T23:15:00.000Z,0
CVE-2022-30237,https://securityvulnerability.io/vulnerability/CVE-2022-30237,Missing Encryption Vulnerability in Wiser Smart Products by Schneider Electric,"A vulnerability exists in Schneider Electric's Wiser Smart products that could permit unauthorized access to authentication credentials. This security flaw arises due to the absence of robust encryption for sensitive data, which means attackers can potentially recover these credentials when they decode the stored information. Users of affected Wiser Smart versions should review their security protocols to mitigate risks associated with this vulnerability.",Schneider Electric,Wiser Smart,8.2,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2022-06-02T23:15:00.000Z,0
CVE-2022-30234,https://securityvulnerability.io/vulnerability/CVE-2022-30234,Use of Hard-coded Credentials in Wiser Smart Products by Schneider Electric,"A vulnerability exists in Schneider Electric's Wiser Smart product line that utilizes hard-coded credentials, potentially allowing unauthorized access and arbitrary code execution. This flaw affects versions V4.5 and earlier of the EER21000 and EER21001 models, highlighting the importance of addressing credential management within connected devices to enhance overall security.",Schneider Electric,Wiser Smart,9.4,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-06-02T23:15:00.000Z,0
CVE-2022-30235,https://securityvulnerability.io/vulnerability/CVE-2022-30235,Improper Restriction of Excessive Authentication Attempts in Wiser Smart by Schneider Electric,"An issue exists in Wiser Smart that allows attackers to exploit improper restrictions on authentication attempts, facilitating unauthorized access through brute force methods. This vulnerability primarily affects EER21000 and EER21001 models running version V4.5 or earlier. Organizations using these devices should take immediate action to mitigate potential security risks associated with this flaw.",Schneider Electric,Wiser Smart,8.6,HIGH,0.002219999907538295,false,,false,false,false,,,false,false,,2022-06-02T23:15:00.000Z,0
CVE-2022-30238,https://securityvulnerability.io/vulnerability/CVE-2022-30238,Improper Authentication in Wiser Smart Products by Schneider Electric,"An improper authentication vulnerability allows attackers to hijack user sessions, gaining unauthorized access to administrator privileges in Wiser Smart products. This may lead to potential compromises of sensitive configurations and administrative controls. It is crucial for users of affected versions to apply recommended patches and enhance their security measures to protect against unauthorized access.",Schneider Electric,Wiser Smart,8.3,HIGH,0.001019999966956675,false,,false,false,false,,,false,false,,2022-06-02T23:15:00.000Z,0
CVE-2022-30233,https://securityvulnerability.io/vulnerability/CVE-2022-30233,Input Validation Flaw in Wiser Smart Products by Schneider Electric,"An improper input validation vulnerability affects Schneider Electric's Wiser Smart products, specifically models EER21000 and EER21001 in version V4.5 and earlier. This flaw enables attackers to exploit the system by tricking users into performing unintended actions on affected web pages. Such manipulation can lead to unauthorized access or disruption of services.",Schneider Electric,Wiser Smart,6.5,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2022-05-10T00:00:00.000Z,0