Braelynn Luedtke

3 exploits Active since Sep 2025
CVE-2025-30198 WRITEUP MEDIUM WRITEUP
ECOVACS - Info Disclosure
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived.
CVSS 6.3
CVE-2025-30199 WRITEUP HIGH WRITEUP
ECOVACS - Code Injection
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
CVSS 7.2
CVE-2025-30200 WRITEUP MEDIUM WRITEUP
ECOVACS - Info Disclosure
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived.
CVSS 6.3