2 matches found
CVE-2017-7689
Schneider Electric homeLYnk Controller (all versions prior to 1.5.0) is affected by CVE-2017-7689 (Command Injection). The issue arises from network features that can be manipulated via specially crafted POST requests, and exploits require user interaction to trigger. CVSSv3 base score 9.8 (CRITI...
Schneider Electric homeLYnk Controller (Update A)
CVSS V3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit Vendor: Schneider Electric Equipment: homeLYnk Controller, LSS100100 Vulnerability: Cross-site Scripting, Command Injection UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-019-01...