Braelynn Luedtke

3 exploits Active since Sep 2025
CVE-2025-30198 WRITEUP MEDIUM WRITEUP
ECOVACS DEEBOT Firmware - Use of Hard-coded Cryptographic Key in Wi-Fi WPA2-PSK
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived.
CVSS 6.3
CVE-2025-30199 WRITEUP HIGH WRITEUP
ECOVACS Deebot Firmware - Unauthenticated Firmware Update Spoofing via Insecure OTA Connection
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
CVSS 7.2
CVE-2025-30200 WRITEUP MEDIUM WRITEUP
ECOVACS DEEBOT Firmware - Use of Hard-coded Cryptographic Key in Wi-Fi Communication
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived.
CVSS 6.3