This is an experimental firmware fork for the FutureProofHomes Satellite1 hardware. Security fixes are applied to the latest release only.
| Version | Supported |
|---|---|
| Latest | Yes |
| Older | No |
Please do not report security vulnerabilities through public GitHub issues.
Instead, report them privately via GitHub Security Advisories. Provide as much detail as possible:
- Description of the vulnerability
- Steps to reproduce
- Potential impact (e.g. remote code execution, credential exposure, network access)
- Any suggested mitigations
You can expect an initial response within a few days. If the vulnerability is confirmed, a fix will be prioritized and a patched release made available. You will be credited in the advisory unless you prefer to remain anonymous.
This repository contains:
- Custom ESPHome components for the Satellite1 hardware
- Firmware configuration YAML files
- Build and test scripts
Out of scope: vulnerabilities in upstream ESPHome, third-party components, or the home automation platforms this device integrates with (Home Assistant, etc.). Please report those to their respective projects.
- Wi-Fi credentials are provided at flash time and stored on-device. Use a dedicated IoT network segment.
- OTA updates are password-protected via ESPHome's built-in OTA mechanism. Use a strong OTA password.
- API access to the device should be restricted to your local network. Enable the ESPHome API encryption key.
- This firmware is intended for home network environments and is not hardened for untrusted network exposure.