201 matches found
CVE-2022-25989
Anker Eufy Homebase 2 (version 2.1.8.5h) contains an authentication bypass in the libxm_av.so getpeermac() function. A specially crafted DHCP packet can trigger DHCP poisoning to bypass authentication, enabling access to internal ports if the attacker can poison the network. TALOS reports the vul...
CVE-2022-25989
An authentication bypass vulnerability exists in the libxmav.so getpeermac functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can DHCP poison to trigger this vulnerability...
CVE-2022-25989
An authentication bypass vulnerability exists in the libxmav.so getpeermac functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can DHCP poison to trigger this vulnerability...
PT-2022-17624 · Anker · Anker Eufy Homebase 2
Name of the Vulnerable Software and Affected Versions: Anker Eufy Homebase 2 version 2.1.8.5h Description: An authentication bypass issue exists in the libxm av.so getpeermac functionality. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can trigger this issue by DH...
Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1480 Anker Eufy Homebase 2 libxmav.so DemuxCmdInBuffer buffer overflow vulnerability May 5, 2022 CVE Number CVE-2022-26073 SUMMARY A denial of service vulnerability exists in the libxmav.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A...
PT-2022-17653 · Anker · Anker Eufy Homebase 2
Name of the Vulnerable Software and Affected Versions: Anker Eufy Homebase 2 version 2.1.8.5h Description: A denial of service issue exists in the libxm av.so DemuxCmdInBuffer functionality. This can be triggered by a specially-crafted set of network packets, leading to a device reboot. An attack...
The vulnerability of the “read_udp_push_config_file” function in Anker Eufy Homebase surveillance software allows a intruder to execute arbitrary code.
The vulnerability of the “readudppushconfigfile” function in Anker Eufy Homebase surveillance systems arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
CVE-2021-21953
An authentication bypass vulnerability exists in the processmsg function of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted man-in-the-middle attack can lead to increased privileges...
CVE-2021-21952
An authentication bypass vulnerability exists in the CMDDEVICEGETRSAKEYREQUEST functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges...
CVE-2021-21953
The connected TALOS advisory confirms CVE-2021-21953 affects Anker Eufy Homebase 2, version 2.1.6.9h, where the home_security binary’s process_msg() enables an authentication bypass. The attack is MITM-capable over UDP, and the vulnerability arises because protocol traffic can be tampered to issu...
CVE-2021-21953
An authentication bypass vulnerability exists in the processmsg function of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted man-in-the-middle attack can lead to increased privileges...
CVE-2021-21952
An authentication bypass vulnerability exists in the CMDDEVICEGETRSAKEYREQUEST functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges...
CVE-2021-21952
The connected TALOS advisory confirms CVE-2021-21952 affects Anker Eufy Homebase 2, binary home_security, via an authentication bypass in CMD_DEVICE_GET_RSA_KEY_REQUEST. The exploit chain begins with an unauthenticated CMD_DEVICE_GET_RSA_KEY_REQUEST that triggers a flawed RSA/AES key exchange: th...
The vulnerability of the “recv_server_device_response_msg_process” function in Anker Eufy Homebase surveillance systems allows a intruder to execute arbitrary code.
The vulnerability of the “recvserverdeviceresponsemsgprocess” function in Anker Eufy Homebase surveillance systems arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code on the target system...
The vulnerability of the wifi_country_code_update function in the microprogramming software for surveillance systems from Anker Eufy Homebase allows a intruder to execute arbitrary commands on the operating system.
The vulnerability of the wifiCountryCodeUpdate function in Anker Eufy Homebase software exists because measures are not taken to neutralize the special commands used in the operating system. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands by...
CVE-2021-21954
A command execution vulnerability exists in the wificountrycodeupdate functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution...
CVE-2021-21955
An authentication bypass vulnerability exists in the getaeskeyinfobypacketid function of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to password recovery. An attacker can sniff network traffic to trigger this vulnerability...
CVE-2021-21954
A command execution vulnerability exists in the wificountrycodeupdate functionality of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution...
Authentication flaw
An authentication bypass vulnerability exists in the getaeskeyinfobypacketid function of the homesecurity binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to password recovery. An attacker can sniff network traffic to trigger this vulnerability...
CVE-2021-21955
The CVE refers to Anker Eufy Homebase 2 (2.1.6.9h) in the home_security get_aes_key_info_by_packetid() authentication bypass. TALOS details show the weakness: the function combines the 0x10-byte randomly generated AES secret with the decimal time of the device into an output secret, then overwrit...