Vulnerabilities > Anker > Eufy Homebase 2 Firmware > 2.1.6.9h

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21952 Improper Authentication vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-287
critical
 9.8
9.8
2021-12-22 CVE-2021-21953 Unspecified vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
high complexity
anker
8.1
8.1
2021-12-09 CVE-2021-21954 OS Command Injection vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-78
critical
 9.9
9.9
2021-12-09 CVE-2021-21955 Improper Authentication vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-287
7.5
7.5
2021-12-08 CVE-2021-21950 Improper Validation of Specified Quantity in Input vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process.
network
low complexity
anker CWE-1284
critical
 10.0
10
2021-12-08 CVE-2021-21951 Improper Validation of Specified Quantity in Input vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file.
network
low complexity
anker CWE-1284
critical
 10.0
10
2021-10-12 CVE-2021-21940 Out-of-bounds Write vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-787
critical
 10.0
10
2021-10-12 CVE-2021-21941 Use After Free vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h.
network
high complexity
anker CWE-416
critical
 9.0
9.0