AbhijithAJ/AutoConnect_IoT_Lib_vulnerability

Releases0

Hieromon AutoConnect popular IoT wi-fi soft AP provisoning Library is vulnerable to XSS code injection via Wi-Fi Name.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-50740 ↗	Aug 6, 2025Wednesday, 6 August 2025, 21:15	6.1 MEDIUM	—
AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting (xss) vulnerability. The AutoConnect web interface /_ac/config allows HTML/JS code to be executed via a crafted network SSID.