彙總 anker 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 緩衝區溢位與記憶體損壞 等問題,部分漏洞可能導致 應用程式崩潰,並影響 軟體部署與生產負載 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2022-29503 | A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability. | [email protected] | 9.8 | 1.18% | 2022-09-29 | 2026-06-17 |
| CVE-2022-21806 | A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network. | [email protected] | 9.8 | 2.21% | 2022-06-17 | 2026-06-17 |
| CVE-2022-26073 | A denial of service vulnerability exists in the libxm_av.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to a device reboot. An attacker can send packets to trigger this vulnerability. | [email protected] | 6.5 | 0.71% | 2022-05-05 | 2026-06-17 |
| CVE-2022-25989 | An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted DHCP packet can lead to authentication bypass. An attacker can DHCP poison to trigger this vulnerability. | [email protected] | 8.8 | 0.99% | 2022-05-05 | 2026-06-17 |
| CVE-2021-21953 | An authentication bypass vulnerability exists in the process_msg() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted man-in-the-middle attack can lead to increased privileges. | [email protected] | 8.1 | 0.98% | 2021-12-22 | 2026-06-16 |
| CVE-2021-21952 | An authentication bypass vulnerability exists in the CMD_DEVICE_GET_RSA_KEY_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to increased privileges. | [email protected] | 9.8 | 1.27% | 2021-12-22 | 2026-06-16 |
| CVE-2021-21955 | An authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to password recovery. An attacker can sniff network traffic to trigger this vulnerability. | [email protected] | 7.5 | 0.98% | 2021-12-09 | 2026-06-16 |
| CVE-2021-21954 | A command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution. | [email protected] | 9.9 | 2.43% | 2021-12-09 | 2026-06-16 |
| CVE-2021-21951 | An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file. A specially-crafted network packet can lead to code execution. | [email protected] | 10.0 | 2.40% | 2021-12-08 | 2026-06-16 |
| CVE-2021-21950 | An out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process. A specially-crafted network packet can lead to code execution. | [email protected] | 10.0 | 2.40% | 2021-12-08 | 2026-06-16 |
| CVE-2021-21941 | A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to remote code execution. | [email protected] | 9.0 | 1.65% | 2021-10-12 | 2026-06-16 |
| CVE-2021-21940 | A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | [email protected] | 10.0 | 1.29% | 2021-10-12 | 2026-06-16 |
| CVE-2018-19980 | Anker Nebula Capsule Pro NBUI_M1_V2.1.9 devices allow attackers to cause a denial of service (reboot of the underlying Android 7.1.2 operating system) via a crafted application that sends data to WifiService. | [email protected] | 7.5 | 1.18% | 2018-12-08 | 2026-06-16 |