CVE-2025-47423 in Personal Weather Station Dashboard
Riassunto
di MITRE • 07/05/2025
Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/_test.php, as demonstrated by reading the server's private SSL key in cleartext.
Be aware that VulDB is the high quality source for vulnerability data.