Anker Eufy Homebase 2 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Anker Eufy Homebase 2 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2021-21951 — CVSS 10.0 (critical): An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker…
CVE-2021-21940 — CVSS 10.0 (critical): A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A…
CVE-2021-21950 — CVSS 10.0 (critical): An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker…
CVE-2021-21954 — CVSS 9.9 (critical): A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2…
CVE-2022-29503 — CVSS 9.8 (critical): A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread…
CVE-2022-21806 — CVSS 9.8 (critical): A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A…
CVE-2021-21952 — CVSS 9.8 (critical): An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy…
CVE-2021-21941 — CVSS 9.0 (critical): A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A…
CVE-2022-25989 — CVSS 8.8 (high): An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of Anker Eufy Homebase 2 2.1.8.5h. A…
CVE-2021-21953 — CVSS 8.1 (high): An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h…
CVE-2021-21955 — CVSS 7.5 (high): An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy…
CVE-2022-26073 — CVSS 6.5 (medium): A denial of service vulnerability exists in the libxm_av.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A…