CNNVD-202512-5037 Information
CNNVD ID
CNNVD-202512-5037
Related CVE
- CNNVD Published: 2025-12-30
Description (Chinese)
Ksenia Security Lares 4.0 Home Automation是意大利Ksenia Security公司的一款智慧安防与家庭自动化控制平台。 Ksenia Security Lares 4.0 Home Automation 1.6版本存在安全漏洞,该漏洞源于未受保护的端点,可能导致经过身份验证的攻击者上传MPFS文件系统二进制映像,进而执行任意代码。
Description (English)
Ksenia Security Lares 4.0 Home Automation is a smart, home-based control platform for Ksenia Security, Italy. There is a security gap in version 1.6 of Ksenia Security Lares 4.0 Home Automation, which originates from unprotected endpoints and could lead to the uploading of a binary image of the MPFS file system by an identified assailant, thus implementing any code.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Ksenia Security
Published
2025-12-30
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/ksenia-security-lares-home-automation-remote-code-execution-via-mpfs-upload https://www.kseniasecurity.com/ https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5930.php https://packetstorm.news/files/id/190178/
Share on: