kseniasecurity CVE Vulnerabilities & Metrics

Focus on kseniasecurity vulnerabilities and metrics.

Last updated: 16 Jan 2026, 23:25 UTC

About kseniasecurity Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with kseniasecurity. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total kseniasecurity CVEs: 4
Earliest CVE date: 30 Dec 2025, 23:15 UTC
Latest CVE date: 30 Dec 2025, 23:15 UTC

Latest CVE reference: CVE-2025-15114

Rolling Stats

30-day Count (Rolling): 4
365-day Count (Rolling): 4

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical kseniasecurity CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	4
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS kseniasecurity CVEs

These are the five CVEs with the highest CVSS scores for kseniasecurity, sorted by severity first and recency.

CVE-2025-15114 kseniasecurity Published on 30 Dec 2025, 23:15 UTC (CVSS: 0)
Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that exposes the alarm system PIN in the 'basisInfo' XML file after authentication. Attackers can retrieve the PIN from the server response to bypass security measures and disable the alarm system without additional authentication.
CVE-2025-15113 kseniasecurity Published on 30 Dec 2025, 23:15 UTC (CVSS: 0)
Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system's web server.
CVE-2025-15112 kseniasecurity Published on 30 Dec 2025, 23:15 UTC (CVSS: 0)
Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' script that allows attackers to manipulate the 'redirectPage' GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a specially constructed link hosted on a trusted domain.
CVE-2025-15111 kseniasecurity Published on 30 Dec 2025, 23:15 UTC (CVSS: 0)
Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system.

All CVEs for kseniasecurity

CVE-2025-15114 kseniasecurity vulnerability CVSS: 0 30 Dec 2025, 23:15 UTC

Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that exposes the alarm system PIN in the 'basisInfo' XML file after authentication. Attackers can retrieve the PIN from the server response to bypass security measures and disable the alarm system without additional authentication.

CVE-2025-15113 kseniasecurity vulnerability CVSS: 0 30 Dec 2025, 23:15 UTC

Ksenia Security Lares 4.0 Home Automation version 1.6 contains an unprotected endpoint vulnerability that allows authenticated attackers to upload MPFS File System binary images. Attackers can exploit this vulnerability to overwrite flash program memory and potentially execute arbitrary code on the home automation system's web server.

CVE-2025-15112 kseniasecurity vulnerability CVSS: 0 30 Dec 2025, 23:15 UTC

Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the 'cmdOk.xml' script that allows attackers to manipulate the 'redirectPage' GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a specially constructed link hosted on a trusted domain.

CVE-2025-15111 kseniasecurity vulnerability CVSS: 0 30 Dec 2025, 23:15 UTC

Ksenia Security Lares 4.0 Home Automation version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system.