Aqara Hub_m3

7 CVEs affecting Aqara Hub_m3. Latest disclosed: 2025-12-10. Critical: 1, High: 5.

Top CVEs affecting Aqara Hub_m3
CVESeverityScorePublishedSummary
CVE-2025-65294Critical9.82025-12-10Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 contain an undocumented remote access mechanism enabling unrestr…
CVE-2025-65295High8.12025-12-10Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 devices, allow attacker…
CVE-2025-65297High7.52025-12-10Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 automatically collect and upload unencrypted sensitive informati…
CVE-2025-65291High7.42025-12-10Aqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail to validate server certificates in TLS connections for discover…
CVE-2025-65290High7.42025-12-10Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server certificates during HTTPS firmware downl…
CVE-2025-65292High7.32025-12-10Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 allows attackers to execute a…
CVE-2025-65296Medium6.52025-12-10NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, and Camera Hub G3 4.1.9_0027 in the JSON processing enable denial-of-se…