5 matches found
EUVD-2025-205863
Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' script that allows attackers to manipulate the 'redirectPage' GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a specially...
CVE-2025-15112
Ksenia Security lares legacy model version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' script that allows attackers to manipulate the 'redirectPage' GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a...
CVE-2025-15112
Ksenia Security Lares 4.0 Home Automation 1.6 contains a URL redirection vulnerability in the cmdOk.xml script. The issue arises from accepting and manipulating the redirectPage GET parameter, enabling an attacker to craft links that redirect authenticated users to arbitrary websites when the use...
Ksenia Security Lares 4.0 Home Automation 输入验证错误漏洞
Ksenia Security Lares 4.0 Home Automation is a smart security and home automation control platform from Ksenia Security, Italy. An input validation error vulnerability exists in Ksenia Security Lares 4.0 Home Automation version 1.6, which stems from the manipulation of the redirectPage GET...
PT-2025-54260
Name of the Vulnerable Software and Affected Versions Ksenia Security Lares version 1.6 Description The software contains a URL redirection issue in the 'cmdOk.xml' script. Attackers can manipulate the redirectPage GET parameter to redirect authenticated users to arbitrary websites via a speciall...