CVE-2025-67965

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions favethemes Homey Core versions through 2.4.3

Description An authorization issue exists in favethemes Homey Core. The issue involves incorrectly configured access control security levels, potentially allowing unauthorized access. The API endpoints and vulnerable parameters are not specified. The function names are not specified.

Recommendations Update to a version later than 2.4.3.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2025-67965

Affected Products

Homey Core

CVE-2025-67965

Weakness Enumeration

Related Identifiers

Affected Products

References · 4