SwitchBot Smart Video Doorbell 安全漏洞

SwitchBot Smart Video Doorbell is a smart video doorbell from SwitchBot USA. A security vulnerability exists in SwitchBot Smart Video Doorbell versions prior to 2.01.078, which stems from the presence of active debugging code that could allow an attacker to access the device via Telnet...

EUVD-2025-25600

Malicious code in bioql PyPI...

CVE-2025-55630

A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 when entering the wrong username and password allows attackers to enumerate existing accounts...

CVE-2025-55637

Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 was discovered to contain a command injection vulnerability via the setddnspipsystem function...

Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime 安全漏洞

Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime is a smart wired WiFi video doorbell from Reolink USA. A security vulnerability exists in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime version 3.0.0.46622503122283, which stems from an inconsistent error message in the login...

CVE-2025-55630

A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 when entering the wrong username and password allows attackers to enumerate existing accounts...

CVE-2020-28713

Incorrect access control in push notification service in Night Owl Smart Doorbell FW version 20190505 allows remote users to send push notification events via an exposed PNS server. A remote attacker can passively record push notification events which are sent over an insecure web request. The we...

CVE-2020-28713

Night Owl Smart Doorbell FW 20190505 is affected by CVE-2020-28713 due to incorrect access control in the push notification service (PNS). The web service does not authenticate requests, allowing remote attackers to send push notification events to a user’s mobile app by replaying or crafting fal...

A week in security (March 15 – 21)

Last week on Malwarebytes Labs, our podcast featured Adam Kujawa, who talked us through our 2021 State of Malware report. We cover our own research on: Royal mail parcel scam How your iPhone can tell you if you’re being stalked Careers in cybersecurity ProxyLogon PoC whack-a-mole Teen behind 2020...

Ring Adds End-to-End Encryption to Quell Security Uproar

Smart doorbell maker Ring is giving cybersecurity critics less to gripe about with the introduction of end-to-end encryption to many of its models. Ring products, which have been a juggernaut success with consumers, have faced a litany of harsh criticism from cybersecurity experts for what they s...

HaXmas Hardware Hacking

Usually, when you read an IoT hacking report or blog post, it ends with something along the lines of, "and that's how I got root," or "and there was a secret backdoor credential," or "and every device in the field uses the same S3 bucket with no authentication." You know, something bad, and the...

A week in security (November 23 – November 29)

Last week on Malwarebytes Labs, we talked with Chris Boyd about charities that track you online. We also looked back at Zoom, and wondered whether its any safer months after its first vulnerability was reported. We talked about how Apples security is hampering the detection of potentially unwante...

Chasing doorbells: Finding IoT vulnerabilities in embedded devices

The goal of this research project was to see if we could find any vulnerabilities and obtain full persistence on an IoT device, while learning about embedded devices in general. This post will take you through our journey to find vulnerabilities in a common, reasonably priced IoT device. For our...

How to Hack WiFi Password from Smart Doorbells

The buzz around The Internet of Things IoT is growing, and it is growing at a great pace. Every day the technology industry tries to connect another household object to the Internet. One such internet-connected household device is a Smart Doorbell. Gone are the days when we have regular doorbells...