mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
806 B
806 B
CVE-2025-50740
Description
AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting (xss) vulnerability. The AutoConnect web interface /_ac/config allows HTML/JS code to be executed via a crafted network SSID.
POC
Reference
- https://github.com/AbhijithAJ/AutoConnect_IoT_Lib_vulnerability/blob/main/Report.pdf
- https://github.com/Hieromon/AutoConnect/issues/632