Kseniasecurity Lares Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Kseniasecurity Lares Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-15111 — CVSS 9.8 (critical): Ksenia Security lares (legacy model) version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain…
CVE-2025-15114 — CVSS 9.8 (critical): Ksenia Security lares (legacy model) Home Automation version 1.6 contains a critical security flaw that exposes the alarm system PIN in the…
CVE-2025-15113 — CVSS 9.3 (critical): Ksenia Security lares (legacy model) Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated…
CVE-2025-15112 — CVSS 5.4 (medium): Ksenia Security lares (legacy model) version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' script that allows attackers…