Vulnerability Details CVE-2021-22767
A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service or remote code execution via a specially crafted HTTP packet.This CVE ID is unique from CVE-2021-2276
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2021-22767
-
cpe:2.3:h:schneider-electric:powerlogic_egx100:-
-
cpe:2.3:h:schneider-electric:powerlogic_egx300:-
-
cpe:2.3:o:schneider-electric:powerlogic_egx100_firmware:3.0.0
-
cpe:2.3:o:schneider-electric:powerlogic_egx300_firmware:-