Skip to main content

Cloud Oauth Authorization Endpoint

1 CVEs product

Monthly

CVE-2026-50090 MEDIUM PATCH This Month

Open redirect / OAuth redirect_uri validation bypass in the Aqara Cloud OAuth authorization endpoint (open-cn.aqara.com/oauth/authorize) allows remote attackers to coerce the IdP into redirecting authorization responses to attacker-controlled hosts due to lax domain-matching logic. With user interaction the flaw can be abused to steal OAuth authorization codes or tokens issued to legitimate Aqara client applications, enabling account takeover of Aqara smart-home accounts. No public exploit identified at time of analysis, though a referenced GitHub repository (xn0tsa/theres-no-place-like-home) and the runZero advisory describe the issue publicly.

Authentication Bypass Cloud Oauth Authorization Endpoint
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Open redirect / OAuth redirect_uri validation bypass in the Aqara Cloud OAuth authorization endpoint (open-cn.aqara.com/oauth/authorize) allows remote attackers to coerce the IdP into redirecting authorization responses to attacker-controlled hosts due to lax domain-matching logic. With user interaction the flaw can be abused to steal OAuth authorization codes or tokens issued to legitimate Aqara client applications, enabling account takeover of Aqara smart-home accounts. No public exploit identified at time of analysis, though a referenced GitHub repository (xn0tsa/theres-no-place-like-home) and the runZero advisory describe the issue publicly.

Authentication Bypass Cloud Oauth Authorization Endpoint
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy