CVE-2025-15112 – Ksenia Security Lares 4.0 Home Automation 1.6 URL Redirection Vulnerability

CVE ID : CVE-2025-15112

Published : Dec. 30, 2025, 11:15 p.m. | 1 hour, 8 minutes ago

Description : Ksenia Security Lares 4.0 version 1.6 contains a URL redirection vulnerability in the ‘cmdOk.xml’ script that allows attackers to manipulate the ‘redirectPage’ GET parameter. Attackers can craft malicious links that redirect authenticated users to arbitrary websites when clicking on a specially constructed link hosted on a trusted domain.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…