154 matches found
CVE-2022-30232
A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code execution when an attacker is able to intercept and modify a request on the same network or has configuration access to an ION device on the network. Affected Products: Wiser Smart, EER21000 & EER21001...
Schneider Electric Wiser Smart 授权问题漏洞
Schneider Electric Wiser Smart is a complete connected home solution from Schneider Electric, France. It brings comfort, convenience and security to the home. Schneider Electric Wiser Smart has an authorization issue vulnerability that stems from incorrect authentication...
Schneider Electric Wiser Smart 安全漏洞
Schneider Electric Wiser Smart is a complete connected home solution from Schneider Electric, France. It brings comfort, convenience and security to the home. A security vulnerability exists in the Schneider Electric Wiser Smart that stems from sensitive data not being encrypted...
Schneider Electric Wiser Smart 安全漏洞
Schneider Electric Wiser Smart is a complete connected home solution from Schneider Electric, France. It brings comfort, convenience and security to the home. A security vulnerability exists in Schneider Electric Wiser Smart. No information about this vulnerability is available at this time, plea...
Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root
!/usr/bin/env python3 -- coding: utf-8 -- Schneider Electric C-Bus Automation Controller 5500SHAC 1.10 Remote Root Exploit Vendor: Schneider Electric SE Product web page: https://www.se.com | https://www.clipsal.com Product details: -...
CVE-2022-30234
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30235
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow unauthorized access when an attacker uses brute force. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30236
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30237
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication credentials to be recovered when an attacker breaks the encoding. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30233
A CWE-20: Improper Input Validation vulnerability exists that could allow the product to be maliciously manipulated when the user is tricked into performing certain actions on a webpage. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2022-30238
A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacks a session. Affected Products: Wiser Smart, EER21000 & EER21001 V4.5 and prior...
CVE-2021-22783
A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door All versions...
Information disclosure
A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door All versions...
CVE-2021-22783
A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door All versions...
CVE-2021-22783
CVE-2021-22783 affects Schneider Electric/Ritto Wiser Door (all versions). A CWE-200 information exposure vulnerability could enable session hijacking during communication between the door panel and the door. The available sources in connected documents confirm the issue and affected product, but...
Schneider Electric Ritto Wiser Door 安全漏洞
The Schneider Electric Ritto Wiser Door is an intelligent access control system from Schneider Electric France. A security vulnerability exists in the Schneider Electric Ritto Wiser Door that could allow session hijacking when the door panel communicates with the door...
CVE-2021-22806
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk V2.6.1 and prior, Wiser for KNX V2.6.1 and prior, fellerLYnk V2.6.1 and prior...
CVE-2021-22806
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk V2.6.1 and prior, Wiser for KNX V2.6.1 and prior, fellerLYnk V2.6.1 and prior...
Design/Logic Flaw
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk V2.6.1 and prior, Wiser for KNX V2.6.1 and prior, fellerLYnk V2.6.1 and prior...
CVE-2021-22806
The CVE-2021-22806 entry concerns a CWE-669 vulnerability (Incorrect Resource Transfer Between Spheres) affecting Schneider Electric products: spaceLYnk (version 2.6.1 and prior), Wiser for KNX (version 2.6.1 and prior), and fellerLYnk (version 2.6.1 and prior). The issue could lead to data exfil...