CVE-2025-47423 Information

Description

Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/_test.php as demonstrated by reading the server’s private SSL key in cleartext.

Reference

https://github.com/haluka92/CVE-2025-47423 https://pwsdashboard.com/