Heatmiser

heatmiser

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Wifi Thermostat

wifi_thermostat

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-25708 1Heatmiser 1Wifi Thermostat Apr 17, 2026 Apr 12, 2026 5.3 MEDIUM· v4 3.5 LOW· v3 N/A· v2 Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers ca...Show more Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters usnm, usps, and cfps to modify the admin username and password without user consent.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-25708

1Heatmiser

1Wifi Thermostat

Apr 17, 2026

Apr 12, 2026

5.3 MEDIUM· v4

3.5 LOW· v3

N/A· v2

Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting the networkSetup.htm endpoint with parameters usnm, usps, and cfps to modify the admin username and password without user consent.Show less