CVE-2025-6260 | Network Thermostat X-Series WiFi Thermostat Embedded Web Interface missing authentication (icsa-25-205-02)

Inserito da Angelo Barbosa | Lug 24, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Network Thermostat X-Series WiFi Thermostat. Affected by this issue is some unknown functionality of the component Embedded Web Interface. The manipulation leads to missing authentication.

This vulnerability is handled as CVE-2025-6260. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-6260 | Network Thermostat X-Series WiFi Thermostat Embedded Web Interface missing authentication (icsa-25-205-02)

Post correlati

CVE-2019-20459 | Epson Expression Home XP255 20.08.FM10I8 SNMPv1 information disclosure

CVE-2024-2813 | Tenda AC15 15.03.20_multi fast_setting_wifi_set form_fast_setting_wifi_set ssid stack-based overflow

CVE-2024-3612 | SourceCodester Warehouse Management System 1.0 barang.php nama_barang/merek cross site scripting

CVE-2024-33542 | Fabio Rinaldi Crelly Slider Plugin up to 1.4.5 on WordPress authorization