Browse all 3 CVE security advisories affecting The Genie Company. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Genie Company develops smart home automation systems focused on remote control and monitoring of household devices. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms. Security researchers have identified multiple instances of hardcoded credentials and insecure API endpoints in their devices. While no major public security incidents have been documented, the three CVEs on record highlight persistent issues in their software development lifecycle, particularly in web interfaces and mobile applications that control connected devices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-5881 | Unauthenticated access permitted to web interface page "Garage Door Control Module Setup" — Aladdin Connect (Retrofit-Kit)CWE-306 | 7.5AI | HighAI | 2024-01-03 |
| CVE-2023-5880 | Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name — Aladdin Connect (Retrofit-Kit)CWE-79 | 6.1AI | MediumAI | 2024-01-03 |
| CVE-2023-5879 | Aladdin Connect Android Application Insecure Storage — Aladdin Connect Mobile ApplicationCWE-922 | 4.6AI | MediumAI | 2024-01-03 |
This page lists every published CVE security advisory associated with The Genie Company. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.