Browse all 4 CVE security advisories affecting Wattsense. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wattsense develops IoT energy monitoring solutions for commercial buildings, with its core use case involving real-time power consumption tracking and analytics. Historically, the platform has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. Security researchers have identified authentication bypass weaknesses and insecure default configurations in its web interface, though no major public security incidents have been documented. The product's exposure to network-based attacks remains a concern given its internet-connected nature and the potential for unauthorized access to sensitive building energy data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-26411 | Authenticated Arbitrary Python File Upload via Plugin Manager — Wattsense BridgeCWE-434 | 8.8 | - | 2025-02-11 |
| CVE-2025-26410 | Weak Hard-coded Credentials — Wattsense BridgeCWE-798 | 9.8 | - | 2025-02-11 |
| CVE-2025-26409 | Access to Bootloader and Shell Over Serial Interface — Wattsense BridgeCWE-1299 | 6.8 | - | 2025-02-11 |
| CVE-2025-26408 | Unprotected JTAG Interface — Wattsense BridgeCWE-1191 | 6.8 | - | 2025-02-11 |
This page lists every published CVE security advisory associated with Wattsense. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.