Another episode of Internet Of Things done wrong. This exploit is so trivial, i would not even call it exploit.
VELUX[0] is the leading manufacturer of roof windows (They are really great!). VELUX KLF 200 is a device to control VELUX windows over ethernet/internet[1]. The KLF 200 device has an undocumented API for executing scenes, with other words opening and closing velux windows.