CVE-2020-24396

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

CVE-2025-64305 Columbia Weather Systems MicroServer Cleartext Storage in a File or on Disk

MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize these plaintext secrets to modify the vendor firmware, or gain admin access to the web portal...

CVE-2025-65825

The firmware on the basestation of the Meatmeet is not encrypted. An adversary with physical access to the Meatmeet device can disassemble the device, connect over UART, and retrieve the firmware dump for analysis. Within the NVS partition they may discover the credentials of the current and...

EUVD-2025-202620

The firmware on the basestation of the Meatmeet is not encrypted. An adversary with physical access to the Meatmeet device can disassemble the device, connect over UART, and retrieve the firmware dump for analysis. Within the NVS partition they may discover the credentials of the current and...

PT-2025-50500

Name of the Vulnerable Software and Affected Versions Meatmeet affected versions not specified Description The firmware on the Meatmeet basestation is not encrypted. An attacker with physical access can retrieve the firmware dump via UART, potentially discovering credentials for current and...

Meatmeet Pro BBQ Thermometer 安全漏洞

Meatmeet Pro BBQ Thermometer is an advanced smart thermometer from Meatmeet. A security vulnerability exists in the Meatmeet Pro BBQ Thermometer version v1.0.34.4, which stems from unencrypted firmware and could lead to the disclosure of sensitive information and unauthorized network access...

EUVD-2020-17125

Malware in sbrugna...

EUVD-2025-32580

The YoSmart YoLink Smart Hub firmware 0382 is unencrypted, and data extracted from it can be used to determine network access credentials...

CVE-2025-59450

The YoSmart YoLink Smart Hub firmware 0382 is unencrypted, and data extracted from it can be used to determine network access credentials...

CVE-2025-59450

The YoSmart YoLink Smart Hub firmware 0382 is unencrypted, and data extracted from it can be used to determine network access credentials...

CVE-2025-59450

The CVE-2025-59450 entry concerns YoSmart YoLink Smart Hub firmware 0382 (unencrypted). The documented impact is that data extracted from the device could be used to determine network access credentials, exposing confidentiality. No exploitation details are provided in the supplied documents. Rem...

PT-2025-40947

Name of the Vulnerable Software and Affected Versions YoSmart YoLink Smart Hub firmware version 0382 Description The YoSmart YoLink Smart Hub firmware version 0382 is unencrypted. Data extracted from the device can be used to determine network access credentials. Recommendations At the moment,...

YoSmart YoLink Smart Hub 安全漏洞

YoSmart YoLink Smart Hub is a smart home hub device from YoSmart USA. A security vulnerability exists in YoSmart YoLink Smart Hub version 0382, which stems from unencrypted firmware and could lead to the disclosure of network access credentials...

EUVD-2022-15675

Malicious code in bioql PyPI...

EUVD-2022-39075

Malicious code in bioql PyPI...

CVE-2025-53755

This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted dat...

CVE-2022-0553

There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily...

CVE-2022-0553

There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily...

PT-2023-12629 · Zephyrproject +1 · Zephyr

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue arises from the lack of a check to see if slot 0 is being uploaded from the device to the host. This oversight allows for the easy retrieval o...

zephyr 安全漏洞

Zephyr is an extensible real-time operating system RTOS open-sourced by the Zephyr Project. A security vulnerability exists in zephyr that stems from its failure to check if slot 0 is uploaded from the device to the host resulting in unencrypted firmware that can be easily retrieved when an...