CNNVD-202508-624 Information

CNNVD ID

CNNVD-202508-624

Related CVE

CVE-2025-50740

• CNNVD Published: 2025-08-06

Description (Chinese)

AutoConnect是Hieromon Ikasamo个人开发者的一个Arduino库。 AutoConnect 1.4.2版本存在安全漏洞，该漏洞源于AutoConnect web接口/_ac/config允许执行特制网络SSID中的HTML/JS代码，可能导致跨站脚本攻击。

Description (English)

AutoConnect is an Arduino library of Hieromon Ikasamo’s personal developer. AutoConnect version 1.4.2 contains a security loophole originating from the AutoConnect Web interface/ ac/config allowing the implementation of HTML/JS code in a specially designed network, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-06

Last Modified

2026-02-24

References

https://github.com/AbhijithAJ/AutoConnect_IoT_Lib_vulnerability/blob/main/Report.pdf https://github.com/Hieromon/AutoConnect/issues/632 https://access.redhat.com/security/cve/cve-2025-50740