Lucene search
K

24 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/11/26 5:35 a.m.4 views

SwitchBot Smart Video Doorbell vulnerable to active debug code

Overview Smart Video Doorbell provided by SwitchBot contains the following vulnerability. Active debug code CWE-489 - CVE-2025-64983 Researcher reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacker on ...

8.6CVSS8.2AI score0.00307EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.4 views

SwitchBot Smart Video Doorbell 安全漏洞

SwitchBot Smart Video Doorbell is a smart video doorbell from SwitchBot USA. A security vulnerability exists in SwitchBot Smart Video Doorbell versions prior to 2.01.078, which stems from the presence of active debugging code that could allow an attacker to access the device via Telnet...

8.6CVSS7.8AI score0.00307EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-22978

Malicious code in bioql PyPI...

5.9CVSS5.5AI score0.00146EPSS
Exploits0References2
NVD
NVD
added 2025/07/29 5:15 a.m.6 views

CVE-2025-53649

"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs...

5.9CVSS0.00146EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/07/29 4:44 a.m.8 views

"SwitchBot" App vulnerable to insertion of sensitive information into log file

Overview "SwitchBot" App provided by SwitchBot contains the following vulnerability. Insertion of sensitive information into log file CWE-532 - CVE-2025-53649 Soh Satoh reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnershi...

5.9CVSS6.3AI score0.00146EPSS
Exploits0References4
CVE
CVE
added 2025/07/29 4:41 a.m.19 views

CVE-2025-53649

CVE-2025-53649 – SwitchBot App (Android/iOS) involves an insecure logging flaw where sensitive user information can be written to log files. Affected versions are SwitchBot App V6.24 through V9.12. The root cause is insertion of sensitive information into log files, enabling exposure to anyone wi...

5.9CVSS5AI score0.00146EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/29 4:41 a.m.12 views

CVE-2025-53649

"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs...

5.9CVSS0.00146EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/29 4:41 a.m.3 views

CVE-2025-53649

"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs...

5.9CVSS5AI score0.00146EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/29 12:0 a.m.5 views

SwitchBot 日志信息泄露漏洞

SwitchBot is a smart switch program from SwitchBot, Inc. A log information disclosure vulnerability exists in SwitchBot versions V6.24 through V9.12, which originates when sensitive information is inserted into a log file, potentially leading to information disclosure...

5.9CVSS4.9AI score0.00146EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.6 views

PT-2025-31167 · Switchbot · Switchbot App

Name of the Vulnerable Software and Affected Versions: SwitchBot App versions V6.24 through V9.12 Description: The SwitchBot App for iOS/Android contains a flaw that results in sensitive information being written to log files. Exploitation of this issue may allow an attacker with access to...

5.9CVSS6.7AI score0.00146EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 7:3 a.m.5 views

CVE-2024-48786

An issue in SWITCHBOT INC SwitchBot com.theswitchbot.switchbot 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process...

9.1CVSS6.6AI score0.0049EPSS
Exploits0References1
NVD
NVD
added 2024/10/11 8:15 p.m.12 views

CVE-2024-48786

An issue in SWITCHBOT INC SwitchBot com.theswitchbot.switchbot 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process...

9.1CVSS0.0049EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/11 12:0 a.m.11 views

CVE-2024-48786

An issue in SWITCHBOT INC SwitchBot com.theswitchbot.switchbot 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process...

6.5AI score0.0049EPSS
Exploits0References2
CVE
CVE
added 2024/10/11 12:0 a.m.57 views

CVE-2024-48786

The CVE-2024-48786 entry concerns SWITCHBOT SwitchBot (com.theswitchbot.switchbot) 5.0.4. The issue, described across multiple sources, allows a remote attacker to obtain sensitive information through the firmware update process. The reported impact is primarily confidentiality (C:H, I:H) with no...

9.1CVSS6.4AI score0.0049EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/11 12:0 a.m.4 views

PT-2024-33220 · Switchbot · Switchbot

Name of the Vulnerable Software and Affected Versions: SwitchBot version 5.0.4 Description: The issue allows a remote attacker to obtain sensitive information via the firmware update process. Recommendations: For version 5.0.4, at the moment, there is no information about a newer version that...

9.1CVSS6.9AI score0.0049EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/11 12:0 a.m.4 views

SwitchBot 安全漏洞

SwitchBot is a smart switch program from SwitchBot, Inc. A security vulnerability exists in SwitchBot version 5.0.4, which stems from the inclusion of a vulnerability that would allow a remote attacker to obtain sensitive information through the firmware update process...

9.1CVSS6.5AI score0.0049EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/11 12:0 a.m.22 views

CVE-2024-48786

An issue in SWITCHBOT INC SwitchBot com.theswitchbot.switchbot 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process...

0.0049EPSS
Exploits0References2
NVD
NVD
added 2023/10/10 3:15 a.m.28 views

CVE-2023-42189

Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denia...

7.5CVSS7.3AI score0.0079EPSS
Exploits0References3
OSV
OSV
added 2023/10/10 3:15 a.m.4 views

CVE-2023-42189

Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denia...

7.5CVSS5.8AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/10/10 3:15 a.m.4 views

CVE-2023-42189

Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denia...

7.5CVSS5.8AI score0.0079EPSS
Exploits0References4
Rows per page
Query Builder