CVE-2025-1214

Summary

CVE-2025-1214 is a critical vulnerability affecting the Role-Based Access Control component in PiHome 2.0. The issue lies within the /user_accounts.php?uid file, resulting in missing authorization. An attacker can exploit this remotely, gaining unauthorized access to the system. The vulnerability has been disclosed to the public, increasing the risk of potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.