Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged

Filter by:

With package: tests.arrayUtilities.isDeclaredMap.sameScopeDeclareSingletonMap

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2025-15114

9.8 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 1 month, 3 weeks ago

Ksenia Security Lares 4.0 Home Automation 1.6 PIN Exposure Vulnerability

Ksenia Security Lares 4.0 Home Automation version 1.6 contains a critical security flaw that exposes the alarm system PIN in the 'basisInfo' XML file after authentication. Attackers can retrieve the PIN from the server response to bypass security measures and disable the alarm system without additional authentication.

References

Zero Science Lab Disclosure (ZSL-2025-5929) third-party-advisory
VulnCheck Advisory: Ksenia Security Lares 4.0 Home Automation 1.6 PIN Exposure Vulnerability third-party-advisory
Zero Science Lab Disclosure (ZSL-2025-5929) third-party-advisory
VulnCheck Advisory: Ksenia Security Lares 4.0 Home Automation 1.6 PIN Exposure Vulnerability third-party-advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5929.php exploit
Zero Science Lab Disclosure (ZSL-2025-5929) technical-descriptionexploit
VulnCheck Advisory: Ksenia Security Lares 4.0 Home Automation 1.6 PIN Exposure Vulnerability third-party-advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5929.php exploit

Affected products

lares

==1.0.0.15
==1.6

Ksenia Security Lares 4.0 Home Automation

==1.0.0.15
==1.6

Matching in nixpkgs

pkgs.flaresolverr

Proxy server to bypass Cloudflare protection

nixos-unstable 3.4.6
- nixpkgs-unstable 3.4.6
- nixos-unstable-small 3.4.6
nixos-25.11 3.4.3
- nixos-25.11-small 3.4.3
- nixpkgs-25.11-darwin 3.4.3

pkgs.tests.arrayUtilities.isDeclaredMap.sameScopeDeclareSingletonMap

None

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.tests.arrayUtilities.isDeclaredArray.sameScopeDeclareSingletonArray

None

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.tests.arrayUtilities.isDeclaredMap.previousScopeDeclareSingletonMapFails

A wrapper around testers.testBuildFailure to simplify common use cases

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.tests.arrayUtilities.isDeclaredArray.previousScopeDeclareSingletonArrayFails

A wrapper around testers.testBuildFailure to simplify common use cases

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

Package maintainers

@paveloom Pavel Sobolev <contact@paveloom.dev>
@ConnorBaker Connor Baker <ConnorBaker01@gmail.com>

1