Browse all 4 CVE security advisories affecting Smartwares. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Smartwares develops smart home security devices including cameras, sensors, and alarm systems. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and weak authentication mechanisms. While no major public security incidents have been widely documented, the four CVEs on record highlight recurring issues in firmware security and access control. Their devices typically connect to user networks via mobile applications, creating potential attack vectors through exposed APIs and unpatched vulnerabilities. The company's focus on convenience has sometimes prioritized user experience over security hardening, resulting in persistent weaknesses that could allow unauthorized access or device takeover.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25235 | Smartwares HOME easy 1.0.9 Client-Side Authentication Bypass via Web Pages — Smartwares HOME easyCWE-639 | 9.8 | Critical | 2025-12-24 |
| CVE-2024-13894 | Path traversal in Smartwares cameras — CIP-37210ATCWE-22 | 6.5 | - | 2025-03-06 |
| CVE-2024-13893 | Shared credentials in Smartwares cameras — CIP-37210ATCWE-1392 | 4.6 | - | 2025-03-06 |
| CVE-2024-13892 | Command Injection in Smartwares cameras — CIP-37210ATCWE-78 | 6.6 | - | 2025-03-06 |
This page lists every published CVE security advisory associated with Smartwares. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.