CVE-2025-65291
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-65291
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Aqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail to validate server certificates in TLS connections for discovery services and CoAP gateway communications, enabling man-in-the-middle attacks on device control and monitoring.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Aqara多款产品 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Aqara Camera Hub G3等都是美国Aqara公司的一个智能监控摄像机。 Aqara多款产品存在安全漏洞,该漏洞源于TLS连接中未验证服务器证书,可能导致中间人攻击。以下产品及版本受到影响:Aqara Hub M2 4.3.6_0027版本、Hub M3 4.3.6_0025版本和Camera Hub G3 4.1.9_0027版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-65291
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-65291
请登录查看更多情报信息。
Other References for CVE-2025-65291 (1)
Same Patch Batch · n/a · 2025-12-10 · 36 CVEs total
| CVE-2025-24857 | 7.6 HIGH | Qualcomm Chipsets 安全漏洞 |
| CVE-2025-65831 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65826 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65820 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65823 | Meatmeet Pro BBQ Thermometer 安全漏洞 | |
| CVE-2025-65821 | Meatmeet Pro BBQ Thermometer 安全漏洞 | |
| CVE-2025-65828 | Meatmeet Pro BBQ Thermometer 安全漏洞 | |
| CVE-2025-65830 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65829 | Meatmeet Pro BBQ Thermometer 安全漏洞 | |
| CVE-2025-65827 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65832 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65290 | Aqara Camera Hub G3 安全漏洞 | |
| CVE-2025-65292 | Aqara多款产品 安全漏洞 | |
| CVE-2025-65294 | Aqara多款产品 安全漏洞 | |
| CVE-2025-65293 | Aqara Camera Hub G3 安全漏洞 | |
| CVE-2025-65295 | Aqara多款产品 安全漏洞 | |
| CVE-2025-65296 | Aqara多款产品 安全漏洞 | |
| CVE-2025-65297 | Aqara多款产品 安全漏洞 | |
| CVE-2025-56429 | FearlessCMS 安全漏洞 | |
| CVE-2025-65803 | FreeImage 安全漏洞 |
Showing top 20 of 36 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9422
KLiK SocialMediaWebsite HTTP POST Request Parameter injectio - CVE-2026-9421
KLiK SocialMediaWebsite File upload.inc.php uniqid unrestric - CVE-2026-9420
KLiK SocialMediaWebsite HTTP GET Request Parameter injection - CVE-2026-9376
JPress UCenter Article Submission Endpoint doWriteSave impro - CVE-2026-9373
JeecgBoot OpenAPI Endpoint call improper authentication
V. Comments for CVE-2025-65291
No comments yet