CVE-2020-24396

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

CVE-2019-16258

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface...

EUVD-2020-17125

Malware in sbrugna...

EUVD-2019-7064

Malware in sbrugna...

CVE-2020-24395

The USB firmware update script of homee Brain Cube v2 2.28.2 and 2.28.4 devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validation of the firmware image file and can lead to code execution on the device...

CVE-2020-24395

The USB firmware update script of homee Brain Cube v2 2.28.2 and 2.28.4 devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validation of the firmware image file and can lead to code execution on the device...

CVE-2020-24396

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

CVE-2020-24396

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

CVE-2020-24395

The USB firmware update script of homee Brain Cube v2 2.28.2 and 2.28.4 devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validation of the firmware image file and can lead to code execution on the device...

Input validation

The USB firmware update script of homee Brain Cube v2 2.28.2 and 2.28.4 devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validation of the firmware image file and can lead to code execution on the device...

Hardcoded credentials

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

CVE-2020-24395

The USB firmware update script of homee Brain Cube v2 2.28.2 and 2.28.4 devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validation of the firmware image file and can lead to code execution on the device...

CVE-2020-24395

The CVE-2020-24395 issue affects homee Brain Cube v2 (firmware versions 2.28.2 and 2.28.4). Affected component: USB firmware update script. Root cause: insufficient validation of the firmware image file, enabling an attacker with physical access to install compromised firmware and potentially ach...

CVE-2020-24396

homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...

CVE-2020-24396

CVE-2020-24396 affects homee Brain Cube v2 (firmware 2.28.2 and 2.28.4). The issue is that sensitive SSH keys are stored within downloadable and unencrypted firmware images, enabling remote attackers to use the support server as a SOCKS proxy. Documented impact is exposure of credentials and pote...

Homee Brain Cube 数据伪造问题漏洞

Homee Brain Cube is a smart home central control unit from Homee, Germany. A security vulnerability exists in the homee Brain Cube v2, which stems from insufficient validation of the firmware image file and could lead to code execution on the device...

Homee Brain Cube 安全漏洞

Homee Brain Cube is a smart home central control unit from Homee, Germany. A security vulnerability exists in homee Brain Cube v2, which allows remote attackers to exploit the vulnerability to use the support server as a SOCKS proxy...

PT-2021-11032 · Homee · Homee Brain Cube

Name of the Vulnerable Software and Affected Versions: homee Brain Cube v2 versions 2.28.2 through 2.28.4 Description: The issue allows remote attackers to use the support server as a SOCKS proxy due to sensitive SSH keys being present within downloadable and unencrypted firmware images...

homee Brain Cube Access Control Error Vulnerability

Homee Brain Cube is a smart home central control unit from Homee Germany. An access control error vulnerability exists in the bootloader in Homee Brain Cube V2 2.23.0 and earlier versions, which can be exploited by an attacker to gain root privileges by manipulating the U-Boot environment via the...

CVE-2019-16258

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface...