CVE-2021-22806

Severity CVSS v4.0:
Pending analysis
Type:
CWE-669 Incorrect Resource Transfer Between Spheres
Publication date:
11/02/2022
Last modified:
22/02/2022

Description

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), Wiser for KNX (V2.6.1 and prior), fellerLYnk (V2.6.1 and prior)

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:schneider-electric:spacelynk_firmware:*:*:*:*:*:*:*:* 2.6.1 (including)
cpe:2.3:h:schneider-electric:spacelynk:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:wiser_for_knx_firmware:*:*:*:*:*:*:*:* 2.6.1 (including)
cpe:2.3:h:schneider-electric:wiser_for_knx:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:fellerlynk_firmware:*:*:*:*:*:*:*:* 2.6.1 (including)
cpe:2.3:h:schneider-electric:fellerlynk:-:*:*:*:*:*:*:*