CNNVD-202512-4275 Information

CNNVD ID

CNNVD-202512-4275

Related CVE

CVE-2019-25234

• CNNVD Published: 2025-12-24

Description (Chinese)

Carlo Gavazzi SmartHouse Webapp是美国Carlo Gavazzi公司的一个远程管理智能家居设备的软件平台。 Carlo Gavazzi SmartHouse Webapp 6.5.33版本存在安全漏洞，该漏洞源于存在多个跨站请求伪造和跨站脚本漏洞，可能导致执行未经授权的操作。

Description (English)

Carlo Gavazzi SmartHouse Webapp is a software platform for remote management of smart home equipment for Carlo Gavazzi in the United States. There is a security loophole in version 6.5.33 of Carlo Gavazzi Smarthouse Webapp, which stems from multiple cross-site requests for forgery and cross-site scripts, which may lead to unauthorized operations.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Carlo Gavazzi

Published

2025-12-24

Last Modified

2026-02-24

References

http://www.smarthouse.nu https://www.exploit-db.com/exploits/47730 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5543.php