Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability [CVE-2022-21806]

CVE number = CVE-2022-21806

A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h.

A specially-crafted set of network packets can lead to remote code execution.

The device is exposed to attacks from the network.

The Anker Eufy Homebase 2 is the video storage and networking gateway that enables the functionality of the Eufy Smarthome ecosystem. All Eufy devices connect back to this device, and this device connects out to the cloud, while also providing assorted services to enhance other Eufy Smarthome devices.

Affected Software

Anker Eufy Homebase 2 2.1.8.5h

Duncan

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: