Browse all 3 CVE security advisories affecting homeasap. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Homeasap provides home automation and security solutions, enabling remote monitoring and control of smart home devices. Historically, the system has been vulnerable to multiple security classes including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These issues have allowed attackers to compromise device functionality, access sensitive user data, and potentially gain unauthorized network access. The three publicly disclosed CVEs highlight persistent security concerns in their web interface and mobile applications, particularly around input validation and access control. While no major public security incidents have been reported, the pattern of vulnerabilities suggests ongoing challenges in secure development practices for their IoT ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12525 | Easy MLS Listings Import <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Easy MLS Listings ImportCWE-79 | 6.4 | Medium | 2025-02-18 |
| CVE-2024-12502 | My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — My IDX Home SearchCWE-79 | 6.4 | Medium | 2024-12-14 |
| CVE-2024-11889 | My IDX Home Search <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — My IDX Home SearchCWE-79 | 6.4 | Medium | 2024-12-14 |
This page lists every published CVE security advisory associated with homeasap. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.