Vulnerabilities > Anker > Eufy Homebase 2 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-09-29 CVE-2022-29503 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40.
network
low complexity
uclibc uclibc-ng-project anker CWE-770
critical
9.8
2022-06-17 CVE-2022-21806 Use After Free vulnerability in Anker Eufy Homebase 2 Firmware 2.1.8.5H
A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h.
network
low complexity
anker CWE-416
critical
9.8
2021-12-22 CVE-2021-21952 Improper Authentication vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-287
critical
9.8
2021-12-09 CVE-2021-21954 OS Command Injection vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-78
critical
9.9
2021-12-08 CVE-2021-21951 Improper Validation of Specified Quantity in Input vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file.
network
low complexity
anker CWE-1284
critical
10.0
2021-12-08 CVE-2021-21950 Improper Validation of Specified Quantity in Input vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process.
network
low complexity
anker CWE-1284
critical
10.0
2021-10-12 CVE-2021-21941 Use After Free vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h.
network
high complexity
anker CWE-416
critical
9.0
2021-10-12 CVE-2021-21940 Out-of-bounds Write vulnerability in Anker Eufy Homebase 2 Firmware 2.1.6.9H
A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h.
network
low complexity
anker CWE-787
critical
10.0