Aqara · Aqara Hub · CVE-2025-65295
**Name of the Vulnerable Software and Affected Versions**
Aqara Hub versions 4.1.9 0027, 4.3.6 0027, and 4.3.6 0025
**Description**
The Aqara Hub firmware update process has flaws that could allow attackers to install malicious firmware without proper verification. The device does not validate firmware signatures during updates and uses outdated cryptographic methods that are susceptible to signature forgery. Additionally, the device discloses information because of improperly initialized memory.
**Recommendations**
Update to a newer version that contains a fix for this vulnerability.