Anker

Eufy Homebase 2 Firmware

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-29503

Exploit
  • EPSS 0.76%
  • Veröffentlicht 29.09.2022 17:15:28
  • Zuletzt bearbeitet 21.11.2024 06:59:12

A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability.

9.8

CVE-2022-21806

Exploit
  • EPSS 2%
  • Veröffentlicht 17.06.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:45:28

A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network...

8.8

CVE-2022-25989

Exploit
  • EPSS 0.04%
  • Veröffentlicht 05.05.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 06:53:17

An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can DHCP poison to trigger this vulnerabilit...

6.5

CVE-2022-26073

Exploit
  • EPSS 0.21%
  • Veröffentlicht 05.05.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 06:53:22

A denial of service vulnerability exists in the libxm_av.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to a device reboot. An attacker can send packets to trigger this vulnera...

9.8

CVE-2021-21952

Exploit
  • EPSS 0.46%
  • Veröffentlicht 22.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:49:18

An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges.

8.1

CVE-2021-21953

Exploit
  • EPSS 0.31%
  • Veröffentlicht 22.12.2021 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:49:18

An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted man-in-the-middle attack can lead to increased privileges.

9.9

CVE-2021-21954

Exploit
  • EPSS 1.66%
  • Veröffentlicht 09.12.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:49:18

A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution.

7.5

CVE-2021-21955

Exploit
  • EPSS 0.52%
  • Veröffentlicht 09.12.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:49:18

An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to password recovery. An attacker can sniff network traffic ...

10

CVE-2021-21950

Exploit
  • EPSS 0.88%
  • Veröffentlicht 08.12.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 05:49:18

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process. A specially-crafted network packet ...

10

CVE-2021-21951

Exploit
  • EPSS 0.88%
  • Veröffentlicht 08.12.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 05:49:18

An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file. A specially-crafted network packet can lead to co...