CVE-2025-47423 in Personal Weather Station Dashboardinformazioni

Riassunto

di MITRE • 07/05/2025

Personal Weather Station Dashboard 12_lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/_test.php, as demonstrated by reading the server's private SSL key in cleartext.

Be aware that VulDB is the high quality source for vulnerability data.

Responsabile

MITRE

Prenotare

07/05/2025

Divulgazione

07/05/2025

Moderazione

accettato

CPE

pronto

EPSS

0.02114

KEV

no

Attività

molto basso

Fonti

Want to stay up to date on a daily basis?

Enable the mail alert feature now!