Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe

Filtered by product Fellerlynk Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-22811	1 Schneider-electric	6 Fellerlynk, Fellerlynk Firmware, Spacelynk and 3 more	2022-05-16	8.8 HIGH	8.1 HIGH
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could induce users to perform unintended actions, leading to the override of the system?s configurations when an attacker persuades a user to visit a rogue website. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)
CVE-2021-22806	1 Schneider-electric	6 Fellerlynk, Fellerlynk Firmware, Spacelynk and 3 more	2022-02-22	5.0 MEDIUM	7.5 HIGH
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), Wiser for KNX (V2.6.1 and prior), fellerLYnk (V2.6.1 and prior)