Lucene search
K

10 matches found

NVD
NVD
added 2026/05/29 4:16 p.m.13 views

CVE-2018-25396

Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attackers can request the networkSetup.htm endpoint and extract plaintext username and password values...

8.7CVSS0.00313EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 2:46 p.m.13 views

EUVD-2018-21918

Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attackers can request the networkSetup.htm endpoint and extract plaintext username and password values...

8.7CVSS5.8AI score0.00313EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 2:46 p.m.18 views

CVE-2018-25396

The affected product is Heatmiser Wifi Thermostat 1.7. The vulnerability is a credential disclosure on the networkSetup.htm page, allowing unauthenticated attackers to retrieve plaintext administrative credentials from HTML form fields to gain administrative access. The root cause described is ex...

8.7CVSS5.8AI score0.00313EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

Heatmiser Wifi Thermostat 安全漏洞

The Heatmiser Wifi Thermostat is a smart temperature control device from the British company Heatmiser, capable of wireless connection and remote control. Version 1.7 of the Heatmiser Wifi Thermostat contains a security vulnerability. This vulnerability stems from accessing the networkSetup.htm...

8.7CVSS5.8AI score0.00313EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.11 views

PT-2026-44874

Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attackers can request the networkSetup.htm endpoint and extract plaintext username and password values...

8.7CVSS5.8AI score0.00313EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/12 3:30 p.m.4 views

EUVD-2019-20139

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters...

5.3CVSS5.7AI score0.00129EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/04/12 12:28 p.m.34 views

CVE-2019-25708 Heatmiser Wifi Thermostat 1.7 Cross-Site Request Forgery

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters...

5.3CVSS0.00129EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/12 12:28 p.m.3 views

CVE-2019-25708

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters...

5.3CVSS5.7AI score0.00129EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.11 views

PT-2026-32170

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters...

5.3CVSS5.7AI score0.00129EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.7 views

Heatmiser Wifi Thermostat 跨站请求伪造漏洞

The Heatmiser Wifi Thermostat is an intelligent temperature control device from the British company Heatmiser, capable of wireless connection and remote control. Version 1.7 of the Heatmiser Wifi Thermostat contains a cross-site request forgery vulnerability. This vulnerability stems from...

5.3CVSS5.8AI score0.00129EPSS
Exploits1References2
Rows per page
Query Builder