CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ecovacs: >> Deebot X5 Pro Plus Firmware Security Vulnerabilities

CVE-2024-52330

ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.

CVSS Score

7.4

EPSS Score

0.001

Published

2025-01-23

CVE-2024-52325

ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.

CVSS Score

9.6

EPSS Score

0.074

Published

2025-01-23

Page 1

Vulnerabilities

Vulnerable Software

Ecovacs: >> Deebot X5 Pro Plus Firmware Security Vulnerabilities

Products

Pricing

Contact Us