571 matches found
Aqara多款产品 安全漏洞
Aqara Camera Hub G3 and others are a smart surveillance camera from Aqara USA. A security vulnerability exists in various Aqara products, which stems from unvalidated server certificates in a TLS connection and could lead to a man-in-the-middle attack. The following products and versions are...
PT-2025-50547
Name of the Vulnerable Software and Affected Versions Aqara Hub M2 version 4.3.6 0027 Aqara Hub M3 version 4.3.6 0025 Aqara Camera Hub G3 version 4.1.9 0027 Description The software contains NULL-pointer dereference issues in the JSON processing component. These issues can be exploited by providi...
CVE-2025-65297
The CVE-2025-65297 entry covers Aqara Hub devices (Camera Hub G3 4.1.9_0027; Hub M2 4.3.6_0027; Hub M3 4.3.6_0025) that automatically collect and upload unencrypted sensitive information without disclosure or consent. The connected sources corroborate the same description across Red Hat/CIRA ENIS...
Aqara多款产品 安全漏洞
Aqara Camera Hub G3 and others are a smart surveillance camera from Aqara USA. A security vulnerability exists in various Aqara products that stems from a failure to verify signatures during firmware updates, which could lead to the installation of malicious firmware. The following products and...
CVE-2025-65297
Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...
CVE-2025-65294
The vulnerability CVE-2025-65294 affects Aqara Hub devices: Camera Hub G3 (version 4.1.9_0027), Hub M2 (4.3.6_0027), and Hub M3 (4.3.6_0025). Connected documents describe an undocumented remote access mechanism that enables unrestricted remote command execution, i.e., attacker-controlled commands...
CVE-2025-65296
CVE-2025-65296 affects Aqara Hub M2 (version 4.3.6_0027), Aqara Hub M3 (4.3.6_0025), and Aqara Camera Hub G3 (4.1.9_0027). The issue is a NULL-pointer dereference in the JSON processing component, which enables denial-of-service attacks via malformed JSON inputs. Public details consistently descr...
PT-2025-50541
Name of the Vulnerable Software and Affected Versions Aqara Hub devices versions 4.1.9 0027, 4.3.6 0027, and 4.3.6 0025 Description A command injection issue exists in Aqara Hub devices, including Camera Hub G3, Hub M2, and Hub M3. This allows attackers to execute arbitrary commands with root...
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
Ubiquiti多款产品 安全漏洞
Ubiquiti UniFi Talk Touch, among others, is an IP phone from Ubiquiti USA. A security vulnerability exists in various Ubiquiti products, which stems from an unintentional enablement of the internal debugging feature, which could allow an attacker to invoke internal debugging operations via the...
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
CVE-2025-52663
Affects UniFi Talk devices: UniFi Talk Touch <= 1.21.16, UniFi Talk Touch Max <= 2.21.22, and UniFi Talk G3 Phones = 1.21.17, UniFi Talk Touch Max >= 2.21.23, and UniFi Talk G3 Phones >= 3.21.27. If newer advisories exist, follow their guidance; otherwise these are the stated fixes.
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
PT-2025-44561
Name of the Vulnerable Software and Affected Versions UniFi Talk Touch versions 1.21.16 and earlier UniFi Talk Touch Max versions 2.21.22 and earlier UniFi Talk G3 Phones versions 3.21.26 and earlier Description An issue was identified in certain UniFi Talk devices where internal debugging...
EUVD-2018-16983
Malware in sbrugna...
EUVD-2018-16984
Malware in sbrugna...
EUVD-2019-6380
Malware in sbrugna...
EUVD-2012-0729
Malware in sbrugna...
EUVD-2021-20493
Malware in sbrugna...