CVE-2025-65295
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-65295
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple vulnerabilities in Aqara Hub firmware update process in the Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 devices, allow attackers to install malicious firmware without proper verification. The device fails to validate firmware signatures during updates, uses outdated cryptographic methods that can be exploited to forge valid signatures, and exposes information through improperly initialized memory.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Aqara多款产品 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Aqara Camera Hub G3等都是美国Aqara公司的一个智能监控摄像机。 Aqara多款产品存在安全漏洞,该漏洞源于固件更新过程中未验证签名,可能导致安装恶意固件。以下产品及版本受到影响:Aqara Camera Hub G3 4.1.9_0027版本、Hub M2 4.3.6_0027版本和Hub M3 4.3.6_0025版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-65295
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-65295
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-12-10 · 36 CVEs total
| CVE-2025-24857 | 7.6 HIGH | Qualcomm Chipsets 安全漏洞 |
| CVE-2025-65831 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65826 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65820 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65823 | Meatmeet Pro BBQ Thermometer 安全漏洞 | |
| CVE-2025-65821 | Meatmeet Pro BBQ Thermometer 安全漏洞 | |
| CVE-2025-65828 | Meatmeet Pro BBQ Thermometer 安全漏洞 | |
| CVE-2025-65830 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65829 | Meatmeet Pro BBQ Thermometer 安全漏洞 | |
| CVE-2025-65827 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65832 | Meatmeet Pro App 安全漏洞 | |
| CVE-2025-65291 | Aqara多款产品 安全漏洞 | |
| CVE-2025-65290 | Aqara Camera Hub G3 安全漏洞 | |
| CVE-2025-65292 | Aqara多款产品 安全漏洞 | |
| CVE-2025-65294 | Aqara多款产品 安全漏洞 | |
| CVE-2025-65293 | Aqara Camera Hub G3 安全漏洞 | |
| CVE-2025-65296 | Aqara多款产品 安全漏洞 | |
| CVE-2025-65297 | Aqara多款产品 安全漏洞 | |
| CVE-2025-56429 | FearlessCMS 安全漏洞 | |
| CVE-2025-65803 | FreeImage 安全漏洞 |
Showing top 20 of 36 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-6638
PostgreSQL REFRESH PUBLICATION allows SQL injection via tabl - CVE-2026-6575
PostgreSQL pg_restore_attribute_stats accepts values that ca - CVE-2026-6637
PostgreSQL refint allows stack buffer overflow and SQL injec - CVE-2026-6479
PostgreSQL SSL/GSS init causes denial of service, via uncont - CVE-2026-6478
PostgreSQL discloses MD5-hashed passwords via covert timing
V. Comments for CVE-2025-65295
No comments yet