The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory warning that the SolisCloud Monitoring Platform — specifically its Cloud API and Device Control API — contains a serious Broken Access Control / Insecure Direct Object Reference (IDOR) that allows any...
Daikin’s Security Gateway is affected by a critical pre‑authentication password‑reset flaw that lets an unauthenticated attacker reset device credentials to the factory default and take control of the appliance and any connected systems — the issue is tracked as CVE‑2025‑10127 and rated highly...
