CNNVD-202602-267 Information

CNNVD ID

CNNVD-202602-267

Related CVE

CVE-2026-1803

• CNNVD Published: 2026-02-03

Description (Chinese)

Ziroom ZHOME A0101是中国自如（Ziroom）公司的一款智能家居硬件设备。 Ziroom ZHOME A0101 1.0.1.0版本存在安全漏洞，该漏洞源于Dropbear SSH Service组件使用默认凭据，可能导致远程攻击。

Description (English)

Ziroom ZHOME A0101 is a smart home hardware device for Ziroom. There is a security gap in version Ziroom ZHOME A0101 1.0.0, which stems from the use of default certificates for the Dropbear SSH Service component, which could lead to a long-range attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

自如

Published

2026-02-03

Last Modified

2026-02-24

References

https://github.com/Blackhole23-Lab/-/blob/main/vulns/ssh-backdoor.md https://github.com/Blackhole23-Lab/-/blob/main/vulns/ssh-backdoor.md#proof-of-concept https://vuldb.com/?ctiid.343976 https://vuldb.com/?id.343976 https://vuldb.com/?submit.745497 https://vuldb.com/?submit.745529