CVE-2025-6260P2CRITICALCVSS 9.8≥ v4.5, < 4.6·≥ v9.6, < v9.46+2 more2025-07-24
CVE-2025-6260 [CRITICAL] CWE-306 CVE-2025-6260: The embedded web server on the thermostat listed version ranges contain a vulnerability that allows
The embedded web server on the thermostat listed version ranges contain a vulnerability that allows unauthenticated attackers, either on the local area network or from the Internet via a router with port forwarding set up, to gain direct access to the thermostat's embedded web server and reset user credentials by manipulating specific elements of the
nvd