CVE-2021-22766Improper Input Validation in Powerlogic Egx100 Firmware

CWE-20Improper Input Validation3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.9%
top 24.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Schneider-electric Powerlogic Egx100 Firmware
Timeline
PublishedJun 11
Latest updateMay 24

Description

A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 3.0.0 and newer) and PowerLogic EGX300 (All Versions) that could cause denial of service via a specially crafted HTTP packet

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-473q-p3cq-866g: ** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 32022-05-24
CVEList
CVE-2021-22766: A CWE-20: Improper Input Validation vulnerability exists in PowerLogic EGX100 (Versions 32021-06-11
CVE-2021-22766 — Improper Input Validation | cvebase