Lucene search
K

40 matches found

EUVD
EUVD
added 2025/12/11 12:30 a.m.5 views

EUVD-2025-202636

NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.60027, Hub M3 4.3.60025, and Camera Hub G3 4.1.90027 in the JSON processing enable denial-of-service attacks through malformed JSON inputs...

6.5CVSS6.5AI score0.00251EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/11 12:30 a.m.6 views

EUVD-2025-202609

Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 allows attackers to execute arbitrary commands with root privileges through malicious domain names...

7.3CVSS7.6AI score0.00697EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/11 12:30 a.m.4 views

EUVD-2025-202635

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

7.5CVSS6.3AI score0.00167EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/11 12:30 a.m.5 views

EUVD-2025-202637

Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated...

8.1CVSS6.3AI score0.002EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/11 12:3 a.m.28 views

CVE-2025-65294

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 contain an undocumented remote access mechanism enabling unrestricted remote command execution...

9.8CVSS7.2AI score0.00843EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/11 12:3 a.m.12 views

CVE-2025-65292

Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 allows attackers to execute arbitrary commands with root privileges through malicious domain names...

7.3CVSS8.1AI score0.00697EPSS
Exploits1References1
NVD
NVD
added 2025/12/10 10:16 p.m.5 views

CVE-2025-65296

NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.60027, Hub M3 4.3.60025, and Camera Hub G3 4.1.90027 in the JSON processing enable denial-of-service attacks through malformed JSON inputs...

6.5CVSS0.00251EPSS
Exploits1References1
NVD
NVD
added 2025/12/10 10:16 p.m.6 views

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

7.5CVSS0.00167EPSS
Exploits0References1
OSV
OSV
added 2025/12/10 10:16 p.m.10 views

CVE-2025-65296

NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.60027, Hub M3 4.3.60025, and Camera Hub G3 4.1.90027 in the JSON processing enable denial-of-service attacks through malformed JSON inputs...

6.5CVSS5.8AI score0.00251EPSS
Exploits1References1
OSV
OSV
added 2025/12/10 10:16 p.m.5 views

CVE-2025-65295

Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated...

8.1CVSS5.8AI score0.002EPSS
Exploits1References1
OSV
OSV
added 2025/12/10 10:16 p.m.4 views

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

7.5CVSS5.8AI score0.00167EPSS
Exploits0References1
OSV
OSV
added 2025/12/10 10:16 p.m.4 views

CVE-2025-65294

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 contain an undocumented remote access mechanism enabling unrestricted remote command execution...

9.8CVSS5.8AI score0.00843EPSS
Exploits1References2
OSV
OSV
added 2025/12/10 10:16 p.m.4 views

CVE-2025-65290

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 fail to validate server certificates during HTTPS firmware downloads, allowing man-in-the-middle attackers to intercept firmware update traffic and potentially serve modified firmware files...

7.4CVSS5.8AI score0.00157EPSS
Exploits1References1
NVD
NVD
added 2025/12/10 10:16 p.m.5 views

CVE-2025-65292

Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 allows attackers to execute arbitrary commands with root privileges through malicious domain names...

7.3CVSS0.00697EPSS
Exploits1References1
OSV
OSV
added 2025/12/10 10:16 p.m.4 views

CVE-2025-65292

Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 allows attackers to execute arbitrary commands with root privileges through malicious domain names...

7.3CVSS6.1AI score0.00697EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.6 views

PT-2025-50548

Name of the Vulnerable Software and Affected Versions Aqara Hub Camera Hub G3 version 4.1.9 0027 Aqara Hub M2 version 4.3.6 0027 Aqara Hub M3 version 4.3.6 0025 Description Aqara Hub devices automatically collect and upload sensitive information in an unencrypted format. This data collection and...

7.5CVSS6.4AI score0.00167EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

Aqara Camera Hub G3 安全漏洞

Aqara Camera Hub G3 is a smart surveillance camera from Aqara USA. A security vulnerability exists in Aqara Camera Hub G3 version 4.1.90027, Hub M2 version 4.3.60027, and Hub M3 version 4.3.60025, which stems from the failure to validate server certificates during HTTPS firmware downloads, which...

7.4CVSS6.6AI score0.00157EPSS
Exploits1References2
CVE
CVE
added 2025/12/10 12:0 a.m.27 views

CVE-2025-65296

CVE-2025-65296 affects Aqara Hub M2 (version 4.3.6_0027), Aqara Hub M3 (4.3.6_0025), and Aqara Camera Hub G3 (4.1.9_0027). The issue is a NULL-pointer dereference in the JSON processing component, which enables denial-of-service attacks via malformed JSON inputs. Public details consistently descr...

6.5CVSS6.7AI score0.00251EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/12/10 12:0 a.m.19 views

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/10 12:0 a.m.21 views

CVE-2025-65294

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 contain an undocumented remote access mechanism enabling unrestricted remote command execution...

0.00843EPSS
Exploits1References2
Rows per page
Query Builder