Browse all 4 CVE security advisories affecting Legrand. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Legrand specializes in electrical and digital building infrastructure, providing solutions for power distribution, control systems, and smart buildings. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from web interfaces and network services. Security researchers have identified issues in their RFLC series, P-Light controllers, and other IoT-enabled devices. While no major public incidents have been widely documented, the consistent presence of multiple CVEs indicates ongoing security challenges in their connected product lines, particularly in default configurations and firmware updates.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2983 | Legrand SMS PowerView os command injection — SMS PowerViewCWE-78 | 5.5 | Medium | 2025-03-31 |
| CVE-2025-2982 | Legrand SMS PowerView file inclusion — SMS PowerViewCWE-73 | 6.3 | Medium | 2025-03-31 |
| CVE-2025-2981 | Legrand SMS PowerView cross site scripting — SMS PowerViewCWE-79 | 3.5 | Low | 2025-03-31 |
| CVE-2025-2980 | Legrand SMS PowerView redirect — SMS PowerViewCWE-601 | 3.5 | Low | 2025-03-31 |
This page lists every published CVE security advisory associated with Legrand. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.