Share:

CVE-2025-65293 - Aqara Camera Hub G3 Firmware

December 10, 2025

Moderate 6.6

Command injection vulnerabilities in Aqara Camera Hub G3 4.1.9_0027 allow attackers to execute arbitrary commands with root privileges through malicious QR codes during device setup and factory reset.

Affected software

Aqara Camera Hub G3 Firmware

Reference links

https://github.com/Chapoly1305/myCVEReports/blob/main/Aqara/QR-Command-Injection.md

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.