3 matches found
CVE-2017-5157
CVE-2017-5157 affects Schneider Electric homeLYnk Controller (LSS100100) prior to v1.5.0. It is a cross-site scripting vulnerability where attacker-supplied input can execute JavaScript in a user’s browser. ICS-CERT advisory ICSA-17-019-01A notes CVSS v3.0 base score 6.3 and provides mitigations ...
Schneider Electric homeLYnk Controller
CVSS V3 6.3 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: homeLYnk Controller, LSS100100 Vulnerability: Cross-site Scripting AFFECTED PRODUCTS Schneider Electric reports that the vulnerability affects the following products: homeLYnk Controller,...
Schneider Electric homeLYnk Controller (Update A)
CVSS V3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: homeLYnk Controller, LSS100100 Vulnerability: Cross-site Scripting, Command Injection UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-019-01...