CVE-2022-21806
Description
A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network.
References
ExploitThird Party Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
AccessComplexity | LOW |
ConfidentialityImpact | PARTIAL |
AvailabilityImpact | PARTIAL |
IntegrityImpact | PARTIAL |
BaseScore | 7.5 |
VectorString | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | NONE |