Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ecovacs — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting Ecovacs. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Ecovacs:Unspecified robotsDEEBOT X1 SeriesECOVACS HOMEDEEBOT X5 PRO PLUSGOAT G1Ecovacs Mobile and Android Application
CVE IDTitleCVSSSeverityPublished
CVE-2025-30198 ECOVACS Vacuum and Base Station Hard-Coded WPA2-PSK — DEEBOT X1 SeriesCWE-321 6.3 Medium2025-09-05
CVE-2025-30199 ECOVACS Vacuum and Base Station accept unsigned firmware — DEEBOT X1 SeriesCWE-494 7.2 High2025-09-05
CVE-2025-30200 ECOVACS Vacuum and Base Station Hard-Coded AES Encryption — DEEBOT X1 SeriesCWE-321 6.3 Medium2025-09-05
CVE-2025-2394 Disclosure of Alibaba (OSS) Keys In Ecovacs Home Android and iOS Mobile Applications — Ecovacs Mobile and Android ApplicationCWE-798 6.5AIMediumAI2025-05-23
CVE-2024-52327 ECOVACS lawnmower and vacuum cloud service live video PIN bypass — ECOVACS HOMECWE-603 6.5 Medium2025-01-23
CVE-2024-12079 ECOVACS lawnmowers cleartext storage of anti-theft PIN — Unspecified robotsCWE-312 3.3 Low2025-01-23
CVE-2024-12078 ECOVACS lawnmowers and vacuums static BLE GATT encryption key — Unspecified robotsCWE-321 6.3 Medium2025-01-23
CVE-2024-11147 ECOVACS lawnmowers and vacuums deterministic root password — Unspecified robotsCWE-798 7.6 High2025-01-23
CVE-2024-52331 ECOVACS lawnmowers and vacuums deterministic firmware encryption key — Unspecified robotsCWE-494 7.5 High2025-01-23
CVE-2024-52330 ECOVACS lawnmowers and vacuums do not properly validate TLS certificates — DEEBOT X5 PRO PLUSCWE-295 7.4 High2025-01-23
CVE-2024-52329 ECOVACS HOME mobile app plugins do not properly validate TLS certificates — ECOVACS HOMECWE-295 7.4 High2025-01-23
CVE-2024-52328 ECOVACS lawnmowers and vacuums insecurely store audio warning files — Unspecified robotsCWE-732 2.3 Low2025-01-23
CVE-2024-52325 ECOVACS robot lawnmowers and vacuums command injection — GOAT G1CWE-77 9.6 Critical2025-01-23

This page lists every published CVE security advisory associated with Ecovacs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.