CVE-2025-65296

Medium CVSS: 6.5

NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, and Camera Hub G3 4.1.9_0027 in the JSON processing enable denial-of-service attacks through malformed JSON inputs.

Vendor

Aqara

Product

Hub M2 Firmware

CWE

CWE-476

Yayın Tarihi

2025-12-10 22:16:27

Güncelleme

2025-12-17 19:46:26

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-476 Hub M2 Firmware MEDIUM Aqara 2025

Referanslar

https://github.com/Chapoly1305/myCVEReports/blob/main/Aqara/JSON-NULL-Dereference.md

Benzer Kayıtlar

Critical

CVE-2025-65294

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 contain an undocumented r…

High

CVE-2025-65295

Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hu…

High

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 automatically collect and…

High

CVE-2025-65290

Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server c…

High

CVE-2025-65291

Aqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail to validate server certi…

High

CVE-2025-65292

Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4…