Ksenia Security Lares WebServer Home Automation Default Credentials

Critical
Advisory ID: ZSL-2025-5927
Release Date: 31 March 2025
Vendor: Ksenia Security S.p.A. - https://www.kseniasecurity.com
Affected Version: Firmware version 1.6, Webserver version 1.0.0.15
Tested On: Ksenia Lares Webserver
Summary

Lares is a burglar alarm & home automation system that can be controlled by means of an ergo LCD keyboard, as well as remotely by telephone, and even via the Internet through a built-in WEB server.

Description

Ksenia Lares uses a weak set of default administrative credentials that can be found and used to gain full control of the system.

Proof of Concept
Disclosure Timeline
03.07.2024 Vulnerability discovered.
27.09.2024 Vendor contacted.
30.03.2025 No response from the vendor.
31.03.2025 Public security advisory released.
11.02.2026 Vendor clarifies that this does not affect lares 4.0, only the legacy lares model.
Credits
Vulnerability discovered by Mencha Isajlovska
References
Changelog
31.03.2025 Initial release
03.04.2025 Added reference [1]
11.02.2026 Changed the title of the advisory and added Vendor Status.
24.03.2026 Added reference [2]