Vulnerabilities > Schneider Electric > Spacelynk Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2022-22809 | Unspecified vulnerability in Schneider-Electric products A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. | 5.3 |
| 2022-02-09 | CVE-2022-22812 | Unspecified vulnerability in Schneider-Electric products A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause a web session compromise when an attacker injects and then executes arbitrary malicious JavaScript code inside the target browser. | 6.1 |
| 2021-05-26 | CVE-2021-22739 | Unspecified vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a device to be compromised when it is first configured. | 5.9 |
| 2021-05-26 | CVE-2021-22740 | Unspecified vulnerability in Schneider-Electric Homelynk Firmware and Spacelynk Firmware Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause information to be exposed when an unauthorized file is uploaded. | 6.5 |