CNNVD-202508-770 Information

CNNVD ID

CNNVD-202508-770

Related CVE

CVE-2025-8393

• CNNVD Published: 2025-08-08

Description (Chinese)

Dreamehome app和Dreame MOVAhome app都是美国Dreame公司的一款手机APP。 Dreamehome app和Dreame MOVAhome app存在信任管理问题漏洞，该漏洞源于TLS通信中接受自签名证书，可能导致中间人攻击。

Description (English)

Dreamehome app and Dreame MOVAhome app are both a mobile phone of Dreame in the United States. There is a confidence management gap in Dreamehome app and Dreame MOVAhome app, which stems from the acceptance of self-signed certificates in TLS communications, which may lead to attacks by intermediaries.

Hazard Level

Medium

Vulnerability Type

信任管理问题

Affected Vendor

Dreame

Published

2025-08-08

Last Modified

2026-02-24

References

https://support.dreametech.com/hc/en-us https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-06 https://access.redhat.com/security/cve/cve-2025-8393