6 matches found
EUVD-2024-46257
Malicious code in bioql PyPI...
EUVD-2024-46255
Malicious code in bioql PyPI...
CVE-2025-30198
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2024-12079
ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An attacker can steal a lawnmower, read the PIN, and reset the anti-theft mechanism...
CVE-2024-52325 ECOVACS robot lawnmowers and vacuums command injection
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin over an unauthenticated BLE connection...
CVE-2024-52325
ECOVACS robot lawnmowers and vacuums are affected by a vulnerability described as command injection via SetNetPin() over an unauthenticated Bluetooth Low Energy (BLE) connection. Public sources consistently identify the vulnerable component as the SetNetPin() function, with exploitation possible ...