2025-11-18 10:17:46
CERTVDE
PUBLISHED
The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials.