How severe is CVE-2022-21806?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 10 out of 10.

What type of vulnerability is CVE-2022-21806?

This is classified as CWE-368, which is a common weakness in software security.

CVE-2022-21806

CRITICAL Year: 2022

CVSS v3 Score

10.0

Critical

CVSS v2 Score

7.5

High

Weakness Type

CWE-368

View all →

Vulnerability Description

A use-after-free vulnerability exists in the mips_collector appsrv_server functionality of Anker Eufy Homebase 2 2.1.8.5h. A specially-crafted set of network packets can lead to remote code execution. The device is exposed to attacks from the network.

CVE-2021-21941

CRITICAL

CVSS:10.0(Critical)

A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to remote code execution.

CWE-3682021

CVE-2021-21941

CRITICAL

CVSS:10.0(Critical)

A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to remote code execution.

CWE-3682021

CVE-2020-8834

MEDIUM

CVSS:6.5(Medium)

KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of th...

CWE-3682020

CVE-2022-21806

Vulnerability Description

Related Vulnerabilities

CVE-2021-21941

CVE-2021-21941

CVE-2020-8834