eufy-security-client [Bug]: After installing Node.js 22.16.0, the adapter fails to start

Client version

1.3.3

Node version

22.16.0

Operating System type

Linux

Operating system version

Debian 12

Describe the bug

After installing Node.js 22.16.0, the adapter fails to start.

To reproduce

Install Node.js 22.x
Start Adapter
See errors in log

Screenshots & Logfiles

2025-05-25 12:08:26.250  - info: host.iobroker Restart adapter system.adapter.eusec.0 because enabled
2025-05-25 12:08:56.453  - info: host.iobroker instance system.adapter.eusec.0 in version "1.3.3" started with pid 41895
2025-05-25 12:08:56.460  - error: host.iobroker Caught by controller[0]: /usr/bin/node: Error: Attempt to revert an unknown CVE [CVE-2023-46809]
2025-05-25 12:08:56.460  - error: host.iobroker instance system.adapter.eusec.0 terminated with code 12 (UNKNOWN_PACKET_NAME)
2025-05-25 12:08:56.460  - info: host.iobroker Restart adapter system.adapter.eusec.0 because enabled

Additional context

(https://github.com/bropat/eufy-security-client/issues/577)

May 25 '25 10:05 Marc-Berg

Unfortunately, with NodeJS v22 it is not possible to revert the RSA_PKCS1_PADDING fix (see (Unable to use RSA_PKCS1_PADDING with v22+ - --security-revert suggests CVE-2024-PEND #55628)).

So the client is at the moment not compatible to NodeJS v22.

Jun 06 '25 13:06 PhilippEngler

You can set 'enableEmbeddedPKCS1Support: true' as a option when you create the eufy security client This will fallback to a web based support

Jun 06 '25 21:06 martijnpoppen

install node 24.5.0

Aug 03 '25 11:08 Uzlopak

install node 24.5.0

that doesn't help

Aug 13 '25 11:08 Andiweli

You can set 'enableEmbeddedPKCS1Support: true' as a option when you create the eufy security client This will fallback to a web based support

I have the same issue with my docker based instance. With "create the eufy security client", you mean the adapter installation? Where to add an argument? I cannot find in the guit, nor in the cli.

Aug 15 '25 06:08 T0rax

Same here. IOB running in Docker image (actual version including the nodejs 22.20.0) Please help /fix the Eufy Adapter to run in an actual 20+ Version?

Oct 21 '25 10:10 GM-Jokemaster

Link to your .Dockerfile?

Oct 21 '25 10:10 Uzlopak

buanet/iobroker:latest

https://hub.docker.com/r/buanet/iobroker

Oct 21 '25 10:10 GM-Jokemaster

That is the docker hub path.

The .Dockerfile is can be found here https://github.com/buanet/ioBroker.docker/blob/main/debian12%2FDockerfile

You could modify it to use latest node 24. Create a free docker hub account and push your new image it to it, so that you can pull it from there.

Oct 21 '25 10:10 Uzlopak

OK... you are saying it is an error (how the RSA_PKCS1_PADDING is handled) in all versions >=20 until 24 ? And in 24 it is "fixed" ?
22 is the currend LTS version .....

andiweli on Aug 13

install node 24.5.0

that doesn't help

Oct 21 '25 11:10 GM-Jokemaster

I checked it. The necessary openSSL update happened for node 22 with node 22.20.0, released on 24th September 2025.

https://nodejs.org/en/blog/release/v22.20.0

So you need atleast 22.20.0 or newer for supporting eufy.

The docker image mentioned above had a release about 20 days ago. Let me check again...

Oct 21 '25 11:10 Uzlopak

Like i wrote nodejs = 22.20.0 and node 22.20.0

/usr/bin/nodejs v22.20.0 /usr/bin/node v22.20.0 /usr/bin/npm 10.9.3 /usr/bin/npx 10.9.3 /usr/bin/corepack 0.34.0

Oct 21 '25 11:10 GM-Jokemaster

https://hub.docker.com/r/buanet/iobroker/tags

So you need to pull the latest image. Maybe you need to force pull the latest latest image. Idk how. Docker manual should help here. Either there is a flag to pull latest or you need to purge your image cache before pulling normally the image.

Oct 21 '25 11:10 Uzlopak

You are right at the Docker Version mine is v10.0.0 not v11.0.0 .. im on it ... hope it fixes it 👍🏼

Oct 21 '25 11:10 GM-Jokemaster

Still not working Node is the same Official Stable v22.20.0 LTS The Problem must be in the Adapter. By using the outdated Node 20 it worked. Any update over 20 = Failure

2025-10-21 14:06:20.758 | error | instance system.adapter.eusec.0 terminated with code 12 (UNKNOWN_PACKET_NAME) 2025-10-21 14:06:20.757 | error | Caught by controller[0]: /usr/bin/node: Error: Attempt to revert an unknown CVE [CVE-2023-46809]

/usr/bin/node: Error: Attempt to revert an unknown CVE [CVE-2023-46809]

/usr/bin/nodejs v22.20.0 /usr/bin/node v22.20.0 /usr/bin/npm 10.9.3 /usr/bin/npx 10.9.3 /usr/bin/corepack 0.34.0

Oct 21 '25 12:10 GM-Jokemaster

OK beating a dead Cow ... -> https://github.com/bropat/ioBroker.eusec/issues/484#issuecomment-3393035569

Oct 21 '25 12:10 GM-Jokemaster

@GM-Jokemaster Answered there

https://github.com/bropat/ioBroker.eusec/issues/484#issuecomment-3426846294

Oct 21 '25 14:10 Uzlopak

Here is a quick temporary fix until the adapter gets updated:

Upgrade to node.js 22
Stop Instance
Edit "/opt/iobroker/node_modules/iobroker.eusec/build/main.js"
Find if (fixNeeded >= 0) { and change to if (fixNeeded < 0) {
Switch on the Expert mode in ioBroker admin
Find system.adapter.eusec.0
Edit Object Data
Delete , "nodeProcessParams": [ "--security-revert=CVE-2023-46809" ]
Start Instance

Note: This fix will be overwritten when you update the adapter.

Oct 22 '25 06:10 Marc-Berg

The workaround did not work for me. I did change step 3 , but there is no , "nodeProcessParams": [ "--security-revert=CVE-2023-46809" ] in my eusec's object data. Upgraded to node 22 and the following errors were thrown:

`host.iobroker 2025-10-22 11:11:38.108 error Caught by controller[0]: /usr/bin/node: Error: Attempt to revert an unknown CVE [CVE-2023-46809]

host.iobroker 2025-10-22 11:11:38.108 error instance system.adapter.eusec.0 terminated with code 12 (UNKNOWN_PACKET_NAME)`

Oct 22 '25 09:10 guitardoc

Different order in my case: I upgraded to Node.js 22.21.0 first, then applied the workaround after the error appeared.

Oct 22 '25 09:10 Marc-Berg

Yes, this order works. Thank you for the workaround and your help! Really appreciate it!

Oct 22 '25 09:10 guitardoc

I’ve added one more step before starting — upgrading to Node.js 22 — to the existing instructions above.

Oct 22 '25 09:10 Marc-Berg

Hi and TY @Marc-Berg !! 🤟🏼 🥇 I can confirm worked like a charm !

Official Docker Container v11 with 22.20.0 LTS Node worked !! https://github.com/buanet/ioBroker.docker/blob/main/debian12%2FDockerfile

Oct 22 '25 16:10 GM-Jokemaster

My Container Manager obviously did not pull the latest iobroker container, but the Quick Fix from @Marc-Berg worked! Thank you very much for sharing this, finally my alarm system is back up after a few months. Hopefully we can find someone who is able to maintain this great adapter for the future.

Oct 22 '25 19:10 harryslapalot

I could provide a PR to fix the issue, when I am back in germany from our austria vacation. Should be not hard to implement. But I want to remark: I am not using eufy products nor iobroker etc.. So i can not test it at all.

Oct 23 '25 00:10 Uzlopak

Here is a quick temporary fix until the adapter gets updated:

Upgrade to node.js 22

Stop Instance

Edit "/opt/iobroker/node_modules/iobroker.eusec/build/main.js"

Find if (fixNeeded >= 0) { and change to if (fixNeeded < 0) {

Switch on the Expert mode in ioBroker admin

Find system.adapter.eusec.0

Edit Object Data

Delete , "nodeProcessParams": [ "--security-revert=CVE-2023-46809" ]

Start Instance

Note: This fix will be overwritten when you update the adapter.

This workaround works for me as well! Thank you.

Oct 24 '25 05:10 dodi666