Lucene search
K

8 matches found

CVE
CVE
added 2026/05/29 2:46 p.m.17 views

CVE-2018-25396

The affected product is Heatmiser Wifi Thermostat 1.7. The vulnerability is a credential disclosure on the networkSetup.htm page, allowing unauthenticated attackers to retrieve plaintext administrative credentials from HTML form fields to gain administrative access. The root cause described is ex...

8.7CVSS5.8AI score0.00313EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/29 2:46 p.m.31 views

CVE-2018-25396 Heatmiser Wifi Thermostat 1.7 Credential Disclosure via networkSetup.htm

Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attackers can request the networkSetup.htm endpoint and extract plaintext username and password values...

8.7CVSS0.00313EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-22544

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/26 9:23 p.m.10 views

CVE-2025-6260

The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset us...

9.8CVSS7.5AI score0.00463EPSS
Exploits0References1
NVD
NVD
added 2025/07/24 9:15 p.m.3 views

CVE-2025-6260

The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset us...

9.8CVSS0.00463EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.7 views

Bosch BCC101 Security Vulnerability

Bosch BCC101 is a thermostat from Bosch Germany. A security vulnerability exists in Bosch BCC101 versions v4.13.20 through v4.13.33, which stems from a vulnerability that allows an attacker to connect to the device over the same WiFi network...

8.3CVSS6.8AI score0.00441EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/20 12:0 a.m.6 views

Sinilink XY-WFT1 WiFi Remote Thermostat 安全漏洞

Sinilink XY-WFT1 WiFi Remote Thermostat is a remote thermostat from Sinilink. A security vulnerability exists in the Sinilink XY-WFT1 WiFi Remote Thermostat version 1.3.6, which stems from the lack of need to authenticate via a mobile application, allowing an attacker to bypass the expected...

5.9CVSS6AI score0.01868EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2015/06/08 12:0 a.m.4 views

PT-2015-6092 · Unknown · Thermostat

Name of the Vulnerable Software and Affected Versions: Thermostat versions prior to 2.0.0 Description: The issue allows local users to obtain user credentials by reading the web.xml configuration file due to world-readable permissions. Recommendations: For versions prior to 2.0.0, update to versi...

2.1CVSS6AI score0.00507EPSS
Exploits1References7
Rows per page
Query Builder