8 matches found
EUVD-2025-205864
Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system...
EUVD-2025-205863
Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' script that allows attackers to manipulate the 'redirectPage' GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a specially...
EUVD-2025-205861
Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that exposes the alarm system PIN in the 'basisInfo' XML file after authentication. Attackers can retrieve the PIN from the server response to bypass security measures and disable the alarm system without...
CVE-2025-15112
Ksenia Security lares legacy model version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' script that allows attackers to manipulate the 'redirectPage' GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a...
CVE-2025-15111
Ksenia Security lares legacy model version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system...
Ksenia Security Lares 4.0 Home Automation 输入验证错误漏洞
Ksenia Security Lares 4.0 Home Automation is a smart security and home automation control platform from Ksenia Security, Italy. An input validation error vulnerability exists in Ksenia Security Lares 4.0 Home Automation version 1.6, which stems from the manipulation of the redirectPage GET...
Ksenia Security Lares 4.0 Home Automation 安全漏洞
Ksenia Security Lares 4.0 Home Automation is an intelligent security and home automation control platform from Ksenia Security, Italy. A security vulnerability exists in Ksenia Security Lares 4.0 Home Automation version 1.6, which originates from an unprotected endpoint, and could allow an...
Ksenia Security Lares 4.0 Open Redirect
Ksenia Security Lares version 4.0 suffers from an open redirection vulnerability. Exploit Title: Ksenia Security Lares 4.0 Home Automation URL Redirection Google Dork: N/A Date: 31 March 2025 Exploit Author: Mencha 'ShadeLock' Isajlovska Vendor Homepage: https://www.kseniasecurity.com/en/ Softwar...