24 matches found
SwitchBot Smart Video Doorbell vulnerable to active debug code
Overview Smart Video Doorbell provided by SwitchBot contains the following vulnerability. Active debug code CWE-489 - CVE-2025-64983 Researcher reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacker on ...
SwitchBot Smart Video Doorbell 安全漏洞
SwitchBot Smart Video Doorbell is a smart video doorbell from SwitchBot USA. A security vulnerability exists in SwitchBot Smart Video Doorbell versions prior to 2.01.078, which stems from the presence of active debugging code that could allow an attacker to access the device via Telnet...
EUVD-2025-22978
Malicious code in bioql PyPI...
CVE-2025-53649
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs...
"SwitchBot" App vulnerable to insertion of sensitive information into log file
Overview "SwitchBot" App provided by SwitchBot contains the following vulnerability. Insertion of sensitive information into log file CWE-532 - CVE-2025-53649 Soh Satoh reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnershi...
CVE-2025-53649
CVE-2025-53649 – SwitchBot App (Android/iOS) involves an insecure logging flaw where sensitive user information can be written to log files. Affected versions are SwitchBot App V6.24 through V9.12. The root cause is insertion of sensitive information into log files, enabling exposure to anyone wi...
CVE-2025-53649
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs...
CVE-2025-53649
"SwitchBot" App for iOS/Android contains an insertion of sensitive information into log file vulnerability in versions V6.24 through V9.12. If this vulnerability is exploited, sensitive user information may be exposed to an attacker who has access to the application logs...
SwitchBot 日志信息泄露漏洞
SwitchBot is a smart switch program from SwitchBot, Inc. A log information disclosure vulnerability exists in SwitchBot versions V6.24 through V9.12, which originates when sensitive information is inserted into a log file, potentially leading to information disclosure...
PT-2025-31167 · Switchbot · Switchbot App
Name of the Vulnerable Software and Affected Versions: SwitchBot App versions V6.24 through V9.12 Description: The SwitchBot App for iOS/Android contains a flaw that results in sensitive information being written to log files. Exploitation of this issue may allow an attacker with access to...
CVE-2024-48786
An issue in SWITCHBOT INC SwitchBot com.theswitchbot.switchbot 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process...
CVE-2024-48786
An issue in SWITCHBOT INC SwitchBot com.theswitchbot.switchbot 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process...
CVE-2024-48786
An issue in SWITCHBOT INC SwitchBot com.theswitchbot.switchbot 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process...
CVE-2024-48786
The CVE-2024-48786 entry concerns SWITCHBOT SwitchBot (com.theswitchbot.switchbot) 5.0.4. The issue, described across multiple sources, allows a remote attacker to obtain sensitive information through the firmware update process. The reported impact is primarily confidentiality (C:H, I:H) with no...
PT-2024-33220 · Switchbot · Switchbot
Name of the Vulnerable Software and Affected Versions: SwitchBot version 5.0.4 Description: The issue allows a remote attacker to obtain sensitive information via the firmware update process. Recommendations: For version 5.0.4, at the moment, there is no information about a newer version that...
SwitchBot 安全漏洞
SwitchBot is a smart switch program from SwitchBot, Inc. A security vulnerability exists in SwitchBot version 5.0.4, which stems from the inclusion of a vulnerability that would allow a remote attacker to obtain sensitive information through the firmware update process...
CVE-2024-48786
An issue in SWITCHBOT INC SwitchBot com.theswitchbot.switchbot 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process...
CVE-2023-42189
Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denia...
CVE-2023-42189
Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denia...
CVE-2023-42189
Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denia...