Schneider-Electric: >> Spacelynk Firmware >> 2.3.0 Security Vulnerabilities
Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a device to be compromised when it is first configured.
CVSS Score
5.9
EPSS Score
0.003
Published
2021-05-26
Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause information to be exposed when an unauthorized file is uploaded.
CVSS Score
6.5
EPSS Score
0.003
Published
2021-05-26
Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-05-26
Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-05-26
Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used.
CVSS Score
7.5
EPSS Score
0.01
Published
2020-08-31
A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication.
CVSS Score
8.3
EPSS Score
0.001
Published
2019-09-17
Page 2