cvebase

Aqara Camera Hub G3 Firmware vulnerabilities

8 known vulnerabilities affecting aqara/camera_hub_g3_firmware.

Total CVEs: 8
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 5, MEDIUM 2

Vulnerabilities

CVE-2025-65294 | P2 | CRITICAL | CVSS 9.8 | v4.1.9_0027 | 2025-12-10
CWE-94: Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 contain an undocumented remote access mechanism enabling unrestricted remote command execution.
nvd
CVE-2025-65292 | P3 | HIGH | CVSS 7.3 | v4.1.9_0027 | 2025-12-10
CWE-77: Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 allows attackers to execute arbitrary commands with root privileges through malicious domain names.
nvd
CVE-2025-65295 | P3 | HIGH | CVSS 8.1 | v4.1.9_0027 | 2025-12-10
CWE-326: Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated cryptographic methods that can be exploited to forge v
nvd
CVE-2025-65290 | P3 | HIGH | CVSS 7.4 | v4.1.9_0027 | 2025-12-10
CWE-295: Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server certificates during HTTPS firmware downloads, allowing man-in-the-middle attackers to intercept firmware update traffic and potentially serve modified firmware files.
nvd
CVE-2025-65291 | P3 | HIGH | CVSS 7.4 | v4.1.9_0027 | 2025-12-10
CWE-295: Aqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail to validate server certificates in TLS connections for discovery services and CoAP gateway communications, enabling man-in-the-middle attacks on device control and monitoring.
nvd
CVE-2025-65293 | P3 | MEDIUM | CVSS 6.6 | v4.1.9_0027 | 2025-12-10
CWE-77: Command injection vulnerabilities in Aqara Camera Hub G3 4.1.9_0027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset.
nvd
CVE-2025-65297 | P3 | HIGH | CVSS 7.5 | v4.1.9_0027 | 2025-12-10
CWE-5: Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer.
nvd
CVE-2025-65296 | P4 | MEDIUM | CVSS 6.5 | v4.1.9_0027 | 2025-12-10
CWE-476: NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, and Camera Hub G3 4.1.9_0027 in the JSON processing enable denial-of-service attacks through malformed JSON inputs.
nvd