CVE-2025-15113 - Ksenia Security Lares 4.0 Home Automation 1.6 Remote Code Execution via MPFS Upload

CVE ID : CVE-2025-15113 Published : Dec. 30, 2025, 11:15 p.m. | 1 hour, 33 minutes ago Description : Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system's web server. Severity: 8.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Source: Telegram CVE Monitor