Summary
Detail | |||
---|---|---|---|
Vendor | Schneider-Electric | First view | 2018-07-03 |
Product | Homelynk Firmware | Last view | 2021-05-26 |
Version | Type | Os | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:o:schneider-electric:homelynk_firmware:2.0.1:*:*:*:*:*:*:* | 10 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.5 | 2021-05-26 | CVE-2021-22740 | Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause information to be exposed when an unauthorized file is uploaded. |
5.9 | 2021-05-26 | CVE-2021-22739 | Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a device to be compromised when it is first configured. |
9.8 | 2021-05-26 | CVE-2021-22738 | Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack. |
9.8 | 2021-05-26 | CVE-2021-22737 | Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack. |
7.5 | 2021-05-26 | CVE-2021-22736 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded. |
7.2 | 2021-05-26 | CVE-2021-22735 | Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device. |
7.2 | 2021-05-26 | CVE-2021-22734 | Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthorized code. |
7.8 | 2021-05-26 | CVE-2021-22733 | Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder. |
7.8 | 2021-05-26 | CVE-2021-22732 | Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server. |
7.5 | 2018-07-03 | CVE-2018-7779 | In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
22% (2) | CWE-347 | Improper Verification of Cryptographic Signature |
22% (2) | CWE-269 | Improper Privilege Management |
22% (2) | CWE-200 | Information Exposure |
11% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
11% (1) | CWE-307 | Improper Restriction of Excessive Authentication Attempts |
11% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |