CVE-2025-1214

Medium CVSS: 5.3

A vulnerability classified as critical has been found in pihome-shc PiHome 2.0. This affects an unknown part of the file /user_accounts.php?uid of the component Role-Based Access Control. The manipulation leads to missing authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Pihome

Product

Maxair

CWE

CWE-862

Yayın Tarihi

2025-02-12 18:15:22

Güncelleme

2025-10-17 15:18:02

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-862 Maxair MEDIUM Pihome 2025

Referanslar

https://github.com/janssensjelle/published-pocs/blob/main/pihomehvac-improper-access-control.md https://vuldb.com/?ctiid.295173 https://vuldb.com/?id.295173 https://vuldb.com/?submit.497533 https://github.com/janssensjelle/published-pocs/blob/main/pihomehvac-improper-access-control.md

Benzer Kayıtlar

Medium

CVE-2025-1742

A vulnerability, which was classified as problematic, has been found in pihome-shc PiHome 2.0. Affected by this issue is…

Medium

CVE-2025-1213

A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some un…

Medium

CVE-2025-1185

A vulnerability was found in pihome-shc PiHome 2.0. It has been classified as critical. This affects an unknown part of…

Medium

CVE-2025-1184

A vulnerability was found in pihome-shc PiHome 1.77 and classified as critical. Affected by this issue is some unknown f…