Lucene search
K

36 matches found

The Hacker News
The Hacker News
added 2 days ago6 views

Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices

Google has significantly degraded NetNut , one of the biggest networks that turns home devices into rented relays for other people's traffic. Working with the FBI, Lumen, and others, Google's Threat Intelligence Group GTIG said this week it had reduced the network's pool of usable devices by...

6AI score
Exploits0
HackRead
HackRead
added 2026/03/12 11:47 a.m.13 views

Maintaining Security and Protecting Smart Home Devices from Hackers

Learn how to protect smart home devices from hackers. Strong passwords, updates and secure networks help keep cameras, sensors and data safe...

5.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/01/19 5:58 p.m.3 views

CVE-2026-23833

ESPHome is a system to control microcontrollers remotely through Home Automation systems. In versions 2025.9.0 through 2025.12.6, an integer overflow in the API component's protobuf decoder allows denial-of-service attacks when API encryption is not used. The bounds check ptr + fieldlength end in...

6.3CVSS5.5AI score0.00273EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/01/19 5:58 p.m.5 views

CVE-2026-23833 ESPHome vulnerable to denial-of-service via out-of-bounds check bypass in the API component

ESPHome is a system to control microcontrollers remotely through Home Automation systems. In versions 2025.9.0 through 2025.12.6, an integer overflow in the API component's protobuf decoder allows denial-of-service attacks when API encryption is not used. The bounds check ptr + fieldlength end in...

6.3CVSS5.6AI score0.00273EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.14 views

CVE-2020-7232

Evoko Home devices 1.31 through 1.37 allow remote attackers to obtain sensitive information such as usernames and password hashes via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL...

7.5CVSS6.8AI score0.01489EPSS
Exploits1References1
HackRead
HackRead
added 2025/11/18 8:53 a.m.3 views

Microsoft Azure Blocks 15.72 Tbps Aisuru Botnet DDoS Attack

Microsoft Azure halted a record 15.72 Tbps DDoS attack from the Aisuru botnet exposing risks created by exposed home devices exploited in large-scale cyber attacks...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-28360

Malware in sbrugna...

7.5CVSS7.5AI score0.01489EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-28108

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01369EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11143

Malicious code in bioql PyPI...

6.9CVSS6.5AI score0.00242EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:51 p.m.5 views

CVE-2022-22997

Addressed a remote code execution vulnerability by resolving a command injection vulnerability and closing an AWS S3 bucket that potentially allowed an attacker to execute unsigned code on My Cloud Home devices...

9.8CVSS8.4AI score0.01369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:27 a.m.7 views

CVE-2019-15913

An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDCGQ01LM, RTCGQ01LM devices. Because of insecure key transport in ZigBee communication, causing attackers to gain sensitive information and denial of service attack, take over smart home devices, and tamper with messages...

9.8CVSS7AI score0.01253EPSS
Exploits1References1
NVD
NVD
added 2025/04/15 10:15 p.m.14 views

CVE-2025-31654

An attacker can get information about the groups of the smart home devices for arbitrary users i.e., "rooms"...

6.9CVSS0.00242EPSS
Exploits0References1
CVE
CVE
added 2025/04/15 9:7 p.m.58 views

CVE-2025-31654

CVE-2025-31654 concerns Growatt Cloud Applications where an attacker can obtain information about the groups of smart home devices for arbitrary users (i.e., the users’ “rooms”). The CVE appears across multiple sources (NVD, Red Hat, CVE List, CVSS metrics) and is associated with the Growatt clou...

6.9CVSS5.3AI score0.00242EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/04/15 9:7 p.m.12 views

CVE-2025-31654 Growatt Cloud portal Authorization Bypass Through User-Controlled Key

An attacker can get information about the groups of the smart home devices for arbitrary users i.e., "rooms"...

6.9CVSS0.00242EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.14 views

PT-2025-16493 · Growatt · Cloud Portal

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An attacker can obtain information about the groups of smart home devices for arbitrary users, referred to as "rooms". Recommendations: At the moment, there is no information about a newer...

6.9CVSS6.3AI score0.00242EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.12 views

Growatt Cloud Applications 安全漏洞

Growatt Cloud Applications is a monitoring platform from Growatt, a Chinese company. A security vulnerability exists in Growatt Cloud Applications version 3.6.0 and earlier, which stems from an attacker's ability to gain access to any user's smart home device group information...

6.9CVSS6.7AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/19 12:0 a.m.3 views

编号撤回

Envoy is an Enphase open source gateway program for connecting smart home devices. This CVE number has been withdrawn...

7.5AI score
Exploits0References4
CNNVD
CNNVD
added 2024/09/19 12:0 a.m.2 views

Envoy 安全漏洞

Envoy is an Enphase open source gateway program for connecting smart home devices. A security vulnerability exists in versions prior to Envoy 1.32.0 that stems from allowing an external client to manipulate the Envoy header, which can lead to unauthorized access or other malicious operations with...

6.5CVSS7.2AI score0.00378EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/07/14 1:15 p.m.4 views

CVE-2022-28372

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtcfwupgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file uplo...

7.5CVSS6AI score0.0065EPSS
Exploits1References3
HackRead
HackRead
added 2020/12/30 3:46 p.m.30 views

Hackers using smart home devices to live streaming swatting attacks

By Deeba Ahmed The F.B.I. is warning users to use strong credentials to prevent their smart devices from being used during swatting attacks. Here's how to. This is a post from HackRead.com Read the original post: Hackers using smart home devices to live streaming swatting attacks...

7AI score
Exploits0
Rows per page
Query Builder