Security Advisory
CVE-2025-27579
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an /api/system CSRF attack to update the payout address (aka stratumUser) for a Bitaxe Bitcoin miner, or change the frequency and voltage settings.