Vulnerability Details CVE-2025-15111
Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.3%
CVSS Severity
CVSS v3 Score 7.5
References
- https://packetstorm.news/files/id/190180/
- https://www.kseniasecurity.com/
- https://www.vulncheck.com/advisories/ksenia-security-lares-home-automation-default-credentials-vulnerability
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5927.php
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5927.php
Products affected by CVE-2025-15111
-
cpe:2.3:h:kseniasecurity:lares:4.0
-
cpe:2.3:o:kseniasecurity:lares_firmware:1.6