CVE-2018-25396
Published: 2026-05-29 · Last updated: 2026-06-01
Severity and scoring
- CVSS: 7.5 HIGH
- Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE: CWE-256
Description
Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attackers can request the networkSetup.htm endpoint and extract plaintext username and password values from HTML form fields to gain administrative access to the thermostat.
Source: NVD
Related CVEs
Same CWE
- CVE-2024-45636 — IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user (4.1 MEDIUM)
- CVE-2026-36174 — GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console (4.6 MEDIUM)
- CVE-2025-15624 — Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd (7.5 HIGH)
- CVE-2021-47961 — A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influen... (8.1 HIGH)
- CVE-2025-15128 — A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2 (5.3 MEDIUM)