Firmware v1.0.6 allows to enable local HTTP API v2, which is great.
Unfortunately the HTTP API is not secured anyhow. What means anyone who got access to the local network may send any request, including configuration modifications.
Suggestion: add some minimal security, like Basic Auth.
Firmware v1.0.6 allows to enable local HTTP API v2, which is great. Unfortunately the HTTP API is not secured anyhow. What means anyone who got access to the local network may send any request, including configuration modifications.
Suggestion: add some minimal security, like Basic Auth.