heatmiser 相关的公开 CVE 漏洞与安全风险信息,提供 CVSS、EPSS、公开时间与漏洞情报数据,帮助评估潜在风险与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2019-25708 | Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters usnm, usps, and cfps to modify the admin username and password without user consent. | [email protected] | 5.3 | 0.13% | 2026-04-12 | 2026-06-16 |