6 matches found
EUVD-2024-46257
Malicious code in bioql PyPI...
EUVD-2024-46255
Malicious code in bioql PyPI...
CVE-2025-30198
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2024-12079
ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An attacker can steal a lawnmower, read the PIN, and reset the anti-theft mechanism...
CVE-2024-52325
ECOVACS robot lawnmowers and vacuums are affected by a vulnerability described as command injection via SetNetPin() over an unauthenticated Bluetooth Low Energy (BLE) connection. Public sources consistently identify the vulnerable component as the SetNetPin() function, with exploitation possible ...
CVE-2024-52325 ECOVACS robot lawnmowers and vacuums command injection
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin over an unauthenticated BLE connection...