Aqara
aqara
8 CVEs • 6 products
Products (6)
Click to collapseToggle
Products (6)
Click to collapse
CVEs (8)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Aqara 3Camera Hub G3 Firmware Hub M2 FirmwareHub M3 FirmwareJun 17, 2026 Dec 10, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from...Show more |
1Aqara 3Camera Hub G3 Firmware Hub M2 FirmwareHub M3 FirmwareJun 17, 2026 Dec 10, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, and Camera Hub G3 4.1.9_0027 in the JSON processing enable denial-of-service attacks through malformed JSON inputs. |
1Aqara 3Camera Hub G3 Firmware Hub M2 FirmwareHub M3 FirmwareJun 17, 2026 Dec 10, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 devices, allow attackers to install malicious firmware without proper verification....Show more |
1Aqara 3Camera Hub G3 Firmware Hub M2 FirmwareHub M3 FirmwareJun 17, 2026 Dec 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 contain an undocumented remote access mechanism enabling unrestricted remote command execution. |
Command injection vulnerabilities in Aqara Camera Hub G3 4.1.9_0027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset. |
1Aqara 3Camera Hub G3 Firmware Hub M2 FirmwareHub M3 FirmwareJun 17, 2026 Dec 10, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 allows attackers to execute arbitrary commands with root privileges through malicious doma...Show more |
1Aqara 3Camera Hub G3 Firmware Hub M2 FirmwareHub M3 FirmwareJun 17, 2026 Dec 10, 2025 N/A· v4 7.4 HIGH· v3 N/A· v2 Aqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail to validate server certificates in TLS connections for discovery services and CoAP gateway communications, enabling man-in-t...Show more |
1Aqara 3Camera Hub G3 Firmware Hub M2 FirmwareHub M3 FirmwareJun 17, 2026 Dec 10, 2025 N/A· v4 7.4 HIGH· v3 N/A· v2 Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server certificates during HTTPS firmware downloads, allowing man-in-the-middle attackers to intercept firmw...Show more |