Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Mar 11, 2026
Ksenia Security lares Home Automation 1.6 Default Credentials Vulnerability
CVE-2025-15111
Description
Ksenia Security lares (legacy model) version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system.
Affected products
2<=1.6+ 1 more
- (no CPE)range: <=1.6
- (no CPE)range: 1.6
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- packetstorm.news/files/id/190180/mitreexploit
- www.vulncheck.com/advisories/ksenia-security-lares-home-automation-default-credentials-vulnerabilitymitrethird-party-advisory
- www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5927.phpmitrethird-party-advisory
- www.kseniasecurity.commitreproduct
News mentions
0No linked articles in our index yet.