Vulnerabilities > Anker > Eufy Homebase 2 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-09-29 CVE-2022-29503 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40.
network
low complexity
uclibc uclibc-ng-project anker CWE-770
critical
9.8
2022-06-17 CVE-2022-21806 Use After Free vulnerability in Anker Eufy Homebase 2 Firmware 2.1.8.5H
A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h.
network
low complexity
anker CWE-416
critical
9.8
2022-05-05 CVE-2022-25989 Authentication Bypass by Spoofing vulnerability in Anker Eufy Homebase 2 Firmware 2.1.8.5H
An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of Anker Eufy Homebase 2 2.1.8.5h.
low complexity
anker CWE-290
8.8
2022-05-05 CVE-2022-26073 Integer Overflow or Wraparound vulnerability in Anker Eufy Homebase 2 Firmware 2.1.8.5H
A denial of service vulnerability exists in the libxm_av.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h.
low complexity
anker CWE-190
6.5
2021-12-22 CVE-2021-21952 Improper Authentication vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-287
critical
9.8
2021-12-22 CVE-2021-21953 Unspecified vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
high complexity
anker
8.1
2021-12-09 CVE-2021-21954 OS Command Injection vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-78
critical
9.9
2021-12-09 CVE-2021-21955 Improper Authentication vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-287
7.5
2021-12-08 CVE-2021-21950 Improper Validation of Specified Quantity in Input vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process.
network
low complexity
anker CWE-1284
critical
10.0
2021-12-08 CVE-2021-21951 Improper Validation of Specified Quantity in Input vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file.
network
low complexity
anker CWE-1284
critical
10.0