CVE-2025-64983

CVE-2025-64983 concerns SwitchBot’s Smart Video Doorbell. Firmware versions prior to 2.01.078 reportedly include an active debug code that can be exploited to connect via Telnet, granting an attacker access to the device. The vulnerability directly enables unauthorized access on an adjacent netwo...

EUVD-2020-21380

Malware in sbrugna...

EUVD-2020-21382

Malware in sbrugna...

EUVD-2025-25597

Malicious code in bioql PyPI...

PT-2025-34459 · Reolink · Reolink Smart 2K+ Plug-In Wi-Fi Video Doorbell

Name of the Vulnerable Software and Affected Versions: Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime version 3.0.0.4662 2503122283 Description: The device suffers from insecure permissions that allow attackers to arbitrarily change other users' passwords. This is achieved through...

PT-2025-34460 · Reolink · Reolink Smart 2K+ Plug-In Wi-Fi Video Doorbell

Name of the Vulnerable Software and Affected Versions: Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime version 3.0.0.4662 2503122283 Description: A discrepancy in the error message returned by the login function when providing incorrect credentials allows attackers to enumerate existing...

CVE-2025-55637

Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 was discovered to contain a command injection vulnerability via the setddnspipsystem function...

Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime 安全漏洞

Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime is a smart wired WiFi video doorbell from Reolink USA. A security vulnerability exists in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime version 3.0.0.46622503122283, which stems from improperly set permissions that could result...

PT-2025-34461 · Reolink · Reolink Smart 2K+ Plug-In Wi-Fi Video Doorbell

Name of the Vulnerable Software and Affected Versions: Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime firmware version 3.0.0.4662 2503122283 Description: The device manages users' sessions system wide instead of an account-by-account basis, potentially leading to a Denial of Service Do...

CVE-2020-28998

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the Telnet service that allows a remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password...

CVE-2020-29000

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a telnet session. An...

Akuvox E11 安全漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that originates from the use of a customized version of the dropbear SSH service. This service allows an insecure option...

Akuvox E11 数据伪造问题漏洞

Akuvox E11 is a SIP visual doorbell from Akuvox designed for villas, houses and apartments. A security vulnerability exists in Akuvox E11 that stems from not ensuring that file extensions are associated with the files provided. This could allow an attacker to upload files to the device by changin...

CVE-2020-29000

An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a telnet session. An...

Geeni GNC-CW013 Trust Management Issues Vulnerability

Geeni GNC-CW013 is a webcam from Geeni USA. A security vulnerability exists in the Geeni GNC-CW013 doorbell version 1.8.1. An attacker can take full control of the camera using a highly privileged account...

A week in security (November 23 – November 29)

Last week on Malwarebytes Labs, we talked with Chris Boyd about charities that track you online. We also looked back at Zoom, and wondered whether its any safer months after its first vulnerability was reported. We talked about how Apples security is hampering the detection of potentially unwante...