CNNVD-202512-1771 Information

CNNVD ID

CNNVD-202512-1771

Related CVE

CVE-2025-65294

• CNNVD Published: 2025-12-10

Description (Chinese)

Aqara Camera Hub G3等都是美国Aqara公司的一个智能监控摄像机。 Aqara多款产品存在安全漏洞，该漏洞源于未记录的远程访问机制，可能导致远程命令执行。以下产品及版本受到影响：Camera Hub G3 4.1.9_0027版本、Hub M2 4.3.6_0027版本和Hub M3 4.3.6_0025版本。

Description (English)

Aqara Camera Hub G3 and others are smart surveillance cameras for Aqara in the United States. There is a safety gap in more than Aqara ’ s products, which stems from an unrecorded remote access mechanism and may lead to remote command execution. The following products and versions were affected: Camera Hub G3 4.1.9 version 0027, Hub M2 4.3.6 version 0027 and Hub M3 4.3.6 version 0025.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Aqara

Published

2025-12-10

Last Modified

2026-02-24

References

https://github.com/Chapoly1305/myCVEReports/blob/main/Aqara/QR-Command-Injection.md https://github.com/Chapoly1305/myCVEReports/blob/main/Aqara/Undocumented-Remote-Execution.md https://access.redhat.com/security/cve/cve-2025-65294