Agreed, it looks like anything running Apache with the log4j could potentially be affected. Not knowing how deep every implementation goes (always use devices with Apache, but only on the surface level), could any of our devices connected to HA have an unpatched potential for this threat? How many potential instances of Apache/log4j could there be within HA and it’s add-ons?
Let’s say something as small as a WLED implementation with a local web service to log into and change settings - is that Apache based? I am wondering how deep we are going to be as a group if something is able to tunnel in as there are a lot of random devices pinging all the time.