Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Anker Subscribe
Filtered by product Eufy Homebase 2 Firmware

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21952 1 Anker 2 Eufy Homebase 2, Eufy Homebase 2 Firmware 2022-07-29 7.5 HIGH 9.8 CRITICAL
An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges.
CVE-2021-21954 1 Anker 2 Eufy Homebase 2, Eufy Homebase 2 Firmware 2022-07-29 9.0 HIGH 9.9 CRITICAL
A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution.
CVE-2021-21951 1 Anker 2 Eufy Homebase 2, Eufy Homebase 2 Firmware 2022-07-29 10.0 HIGH 10.0 CRITICAL
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file. A specially-crafted network packet can lead to code execution.
CVE-2021-21950 1 Anker 2 Eufy Homebase 2, Eufy Homebase 2 Firmware 2022-07-29 10.0 HIGH 10.0 CRITICAL
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process. A specially-crafted network packet can lead to code execution.
CVE-2021-21941 1 Anker 2 Eufy Homebase 2, Eufy Homebase 2 Firmware 2022-07-29 6.8 MEDIUM 9.0 CRITICAL
A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to remote code execution.
CVE-2021-21940 1 Anker 2 Eufy Homebase 2, Eufy Homebase 2 Firmware 2022-07-29 7.5 HIGH 10.0 CRITICAL
A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2022-21806 1 Anker 2 Eufy Homebase 2, Eufy Homebase 2 Firmware 2022-06-28 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network.