Lucene search
+L

149 matches found

nvd
nvd
added 2022/06/17 6:15 p.m.26 views

CVE-2022-21806

A use-after-free vulnerability exists in the mipscollector appsrvserver functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network...

10CVSS0.02227EPSS
Exploits1References1
prion
prion
added 2022/06/17 6:15 p.m.22 views

Design/Logic Flaw

A use-after-free vulnerability exists in the mipscollector appsrvserver functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network...

7.5CVSS9.7AI score0.02227EPSS
Exploits1References1Affected Software1
cve
cve
added 2022/06/17 5:40 p.m.67 views

CVE-2022-21806

CVE-2022-21806 affects Anker Eufy Homebase 2 (2.1.8.5h). Talos-reported use-after-free in mips_collector's appsrv_server, reachable over the network, potentially enabling remote code execution via crafted MT messages. The issue’s impact is described as high/critical, with the server component exp...

10CVSS9.7AI score0.02227EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2022/06/17 5:40 p.m.26 views

CVE-2022-21806

A use-after-free vulnerability exists in the mipscollector appsrvserver functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network...

10CVSS10AI score0.02227EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2022/06/17 5:40 p.m.8 views

CVE-2022-21806

A use-after-free vulnerability exists in the mipscollector appsrvserver functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network...

10CVSS9.8AI score0.02227EPSS
Exploits1References1
talosblog
talosblog
added 2022/06/15 12:14 p.m.15 views

Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, authentication bypass

Lilith of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered three vulnerabilities in the Anker Eufy Homebase 2. The Eufy Homebase 2 is the video storage and networking gateway that works with Anker’s Eufy Smarthome ecosystem.... This is only the...

1.1AI score
Exploits0
talos
talos
added 2022/06/15 12:0 a.m.35 views

Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability

Talos Vulnerability Report TALOS-2022-1440 Anker Eufy Homebase 2 mipscollector appsrvserver use-after-free vulnerability June 15, 2022 CVE Number CVE-2022-21806 SUMMARY A use-after-free vulnerability exists in the mipscollector appsrvserver functionality of Anker Eufy Homebase 2 2.1.8.5h. A...

10CVSS9.6AI score0.02227EPSS
Exploits1
cnnvd
cnnvd
added 2022/06/15 12:0 a.m.10 views

Anker Eufy Homebase 资源管理错误漏洞

Anker Eufy Homebase is a wireless home security camera system from Eufy USA. A security vulnerability exists in Anker Eufy Homebase 2 version 2.1.8.5h that stems from a post-release reuse issue in the mipscollector appsrvserver function...

10CVSS8.3AI score0.02227EPSS
Exploits1References3
bdu_fstec
bdu_fstec
added 2022/05/26 12:0 a.m.6 views

The vulnerability of the CMD_DEVICE_GET_RSA_KEY_REQUEST function in Anker Eufy Homebase surveillance systems allows a intruder to bypass authentication procedures or gain unauthorized access to the device.

The vulnerability of the CMDDEVICEGETRSAKEYREQUEST function in Anker Eufy Homebase surveillance systems is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to bypass authentication procedures or gain unauthorized access to the devic...

9.7CVSS7.7AI score0.01271EPSS
Exploits1References4Affected Software1
bdu_fstec
bdu_fstec
added 2022/05/26 12:0 a.m.8 views

The vulnerability of the `get_aes_key_info_by_packetid()` function in Anker Eufy Homebase surveillance systems allows a intruder to bypass the authentication process.

The vulnerability of the getaeskeyinfobypacketid function in Anker Eufy Homebase surveillance systems is related to a small number of possible random values. Exploiting this vulnerability could allow a malicious actor to bypass the authentication process remotely...

7.7CVSS7.1AI score0.00978EPSS
Exploits1References4Affected Software1
bdu_fstec
bdu_fstec
added 2022/05/26 12:0 a.m.7 views

The vulnerability of the process_msg() function in Anker Eufy Homebase surveillance systems allows intruders to enhance their privileges within the target system.

The vulnerability of the processmsg function in Anker Eufy Homebase surveillance systems is related to improper operation of the authentication process. Exploiting this vulnerability could allow a malicious actor to gain increased privileges within the target system by performing a...

7.7CVSS7.2AI score0.00978EPSS
Exploits1References4Affected Software1
nvd
nvd
added 2022/05/05 6:15 p.m.32 views

CVE-2022-25989

An authentication bypass vulnerability exists in the libxmav.so getpeermac functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can DHCP poison to trigger this vulnerability...

8.8CVSS0.00989EPSS
Exploits1References1
osv
osv
added 2022/05/05 6:15 p.m.6 views

CVE-2022-25989

An authentication bypass vulnerability exists in the libxmav.so getpeermac functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can DHCP poison to trigger this vulnerability...

8.8CVSS5.8AI score0.00989EPSS
Exploits1References1
osv
osv
added 2022/05/05 6:15 p.m.4 views

CVE-2022-26073

A denial of service vulnerability exists in the libxmav.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to a device reboot. An attacker can send packets to trigger this vulnerability...

6.5CVSS6.9AI score0.0071EPSS
Exploits1References1
nvd
nvd
added 2022/05/05 6:15 p.m.28 views

CVE-2022-26073

A denial of service vulnerability exists in the libxmav.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to a device reboot. An attacker can send packets to trigger this vulnerability...

7.4CVSS0.0071EPSS
Exploits1References1
prion
prion
added 2022/05/05 6:15 p.m.13 views

Denial of service

A denial of service vulnerability exists in the libxmav.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to a device reboot. An attacker can send packets to trigger this vulnerability...

6.1CVSS6.3AI score0.0071EPSS
Exploits1References1Affected Software1
prion
prion
added 2022/05/05 6:15 p.m.16 views

Authentication flaw

An authentication bypass vulnerability exists in the libxmav.so getpeermac functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can DHCP poison to trigger this vulnerability...

5.8CVSS8.8AI score0.00989EPSS
Exploits1References1Affected Software1
cve
cve
added 2022/05/05 5:35 p.m.81 views

CVE-2022-26073

CVE-2022-26073 affects Anker Eufy Homebase 2 with firmware 2.1.8.5h. TALOS documents a vulnerability in libxm_av.so DemuxCmdInBuffer where an integer/overread in WifiComRecv processing of crafted network packets can crash the homebase, causing a DoS and device reboot. Affected component: DemuxCmd...

7.4CVSS6.3AI score0.0071EPSS
Exploits1References1Affected Software1
vulnrichment
vulnrichment
added 2022/05/05 5:35 p.m.7 views

CVE-2022-26073

A denial of service vulnerability exists in the libxmav.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to a device reboot. An attacker can send packets to trigger this vulnerability...

7.4CVSS6.5AI score0.0071EPSS
Exploits1References1
cvelist
cvelist
added 2022/05/05 5:35 p.m.29 views

CVE-2022-26073

A denial of service vulnerability exists in the libxmav.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to a device reboot. An attacker can send packets to trigger this vulnerability...

7.4CVSS6.5AI score0.0071EPSS
Exploits1References1
Rows per page
Query Builder