Lucene search
K

154 matches found

Cvelist
Cvelist
added 2022/06/02 10:45 p.m.19 views

CVE-2022-30232

A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code execution when an attacker is able to intercept and modify a request on the same network or has configuration access to an ION device on the network. Affected Products: Wiser Smart, EER21000 & EER21001...

8CVSS9.1AI score0.01142EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.4 views

Schneider Electric Wiser Smart 授权问题漏洞

Schneider Electric Wiser Smart is a complete connected home solution from Schneider Electric, France. It brings comfort, convenience and security to the home. Schneider Electric Wiser Smart has an authorization issue vulnerability that stems from incorrect authentication...

8.8CVSS7.9AI score0.00916EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.4 views

Schneider Electric Wiser Smart 安全漏洞

Schneider Electric Wiser Smart is a complete connected home solution from Schneider Electric, France. It brings comfort, convenience and security to the home. A security vulnerability exists in the Schneider Electric Wiser Smart that stems from sensitive data not being encrypted...

8.2CVSS7.3AI score0.00294EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.5 views

Schneider Electric Wiser Smart 安全漏洞

Schneider Electric Wiser Smart is a complete connected home solution from Schneider Electric, France. It brings comfort, convenience and security to the home. A security vulnerability exists in Schneider Electric Wiser Smart. No information about this vulnerability is available at this time, plea...

8.2CVSS7.7AI score0.00731EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2022/05/30 12:0 a.m.290 views

Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root

!/usr/bin/env python3 -- coding: utf-8 -- Schneider Electric C-Bus Automation Controller 5500SHAC 1.10 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com | https://www.clipsal.com Product details: -...

0.6AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/05/10 7:0 a.m.2 views

CVE-2022-30234

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

10CVSS7.5AI score0.01063EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/10 7:0 a.m.4 views

CVE-2022-30235

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow unauthorized access when an attacker uses brute force. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

9.8CVSS7.3AI score0.00928EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/10 7:0 a.m.2 views

CVE-2022-30236

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

8.2CVSS7.3AI score0.00731EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/10 7:0 a.m.4 views

CVE-2022-30237

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication credentials to be recovered when an attacker breaks the encoding. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

8.2CVSS7.1AI score0.00294EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/10 7:0 a.m.2 views

CVE-2022-30233

A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciously manipulated when the user is tricked into performing certain actions on a webpage. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

6.5CVSS6.6AI score0.00672EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/10 7:0 a.m.2 views

CVE-2022-30238

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacks a session. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...

8.8CVSS7.3AI score0.00916EPSS
Exploits0References2
NVD
NVD
added 2022/03/09 11:15 p.m.16 views

CVE-2021-22783

A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door All versions...

8.8CVSS0.00364EPSS
Exploits0References1
Prion
Prion
added 2022/03/09 11:15 p.m.13 views

Information disclosure

A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door All versions...

4.8CVSS7.4AI score0.00364EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/09 11:5 p.m.19 views

CVE-2021-22783

A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door All versions...

8.8CVSS8.8AI score0.00364EPSS
Exploits0References1
CVE
CVE
added 2022/03/09 11:5 p.m.83 views

CVE-2021-22783

CVE-2021-22783 affects Schneider Electric/Ritto Wiser Door (all versions). A CWE-200 information exposure vulnerability could enable session hijacking during communication between the door panel and the door. The available sources in connected documents confirm the issue and affected product, but...

8.8CVSS7.4AI score0.00364EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/03/09 12:0 a.m.3 views

Schneider Electric Ritto Wiser Door 安全漏洞

The Schneider Electric Ritto Wiser Door is an intelligent access control system from Schneider Electric France. A security vulnerability exists in the Schneider Electric Ritto Wiser Door that could allow session hijacking when the door panel communicates with the door...

8.8CVSS7.3AI score0.00364EPSS
Exploits0References2
OSV
OSV
added 2022/02/11 6:15 p.m.4 views

CVE-2021-22806

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk V2.6.1 and prior, Wiser for KNX V2.6.1 and prior, fellerLYnk V2.6.1 and prior...

7.5CVSS5.8AI score0.00954EPSS
Exploits0References1
NVD
NVD
added 2022/02/11 6:15 p.m.19 views

CVE-2021-22806

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk V2.6.1 and prior, Wiser for KNX V2.6.1 and prior, fellerLYnk V2.6.1 and prior...

7.5CVSS0.00954EPSS
Exploits0References1
Prion
Prion
added 2022/02/11 6:15 p.m.26 views

Design/Logic Flaw

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk V2.6.1 and prior, Wiser for KNX V2.6.1 and prior, fellerLYnk V2.6.1 and prior...

5CVSS7.5AI score0.00954EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2022/02/11 5:40 p.m.77 views

CVE-2021-22806

The CVE-2021-22806 entry concerns a CWE-669 vulnerability (Incorrect Resource Transfer Between Spheres) affecting Schneider Electric products: spaceLYnk (version 2.6.1 and prior), Wiser for KNX (version 2.6.1 and prior), and fellerLYnk (version 2.6.1 and prior). The issue could lead to data exfil...

7.5CVSS7.5AI score0.00954EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder