5 matches found
CVE-2025-6260 Network Thermostat X-Series WiFi Thermostats Missing Authentication for Critical Function
The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset us...
CVE-2025-6260 Network Thermostat X-Series WiFi Thermostats Missing Authentication for Critical Function
The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset us...
CVE-2025-6260
CVE-2025-6260 affects Network Thermostat X-Series WiFi Thermostats: the embedded web server can be reached unauthenticated over LAN or via Internet-exposed router, enabling an attacker to reset user credentials by manipulating the web interface. The exact vulnerable versions are not specified in ...
Network Thermostat X-Series WiFi thermostats 访问控制错误漏洞
Network Thermostat X-Series WiFi thermostats is a WiFi only thermostat from Network Thermostat, Inc. An access control error vulnerability exists in Network Thermostat X-Series WiFi thermostats that stems from an embedded web server that allows an unauthorized attacker to reset user credentials b...
PT-2025-30692 · Unknown · Network Thermostat X-Series
Name of the Vulnerable Software and Affected Versions: Network Thermostat X-Series WiFi Thermostats affected versions not specified Description: The embedded web server on the thermostat contains an issue that allows unauthenticated attackers, either on the local area network or from the Internet...