wiser for knx, spaceLYnk, firmware, security, patch

Notifications

SpaceLogic KNX Forum

Schneider Electric SpaceLogic KNX forum to get support and share knowledge including selection, installation and troubleshooting for spaceLYnk, Wiser for KNX, eConfigure KNX, SpaceLogic KNX Hybrid module and other topics.

Invite a Co-worker

Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.

Send Invite Cancel

Top Experts

User

Count

103

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague

Back to SpaceLogic KNX Forum

515

Link copied. Please paste this link to share this article on your social media post.

Hello,

please, take attention to attached applications security patch fixing POST-Based Cross-Site Request Forgery (CSRF) vulnerability.

Vulnerable Product

• Product Line: spaceLYnk, Wiser for KNX, fellerLYnk

• Version: V2.6.2 and earlier

that allows an attacker to introduce users to perform unintended actions, leading to the override of the system’s configurations by manipulating the Function Blocks on FbEditor.

The patch is going to be added to next firmware release as usual.

Your HCS team

Replies 0

never-displayed

You must be signed in to add attachments

never-displayed

To The Top!

Vulnerability fix: POST-Based Cross-Site Request Forgery (CSRF)

Vulnerability fix: POST-Based Cross-Site Request Forgery (CSRF)