CVE-2026-4475

CVE-2026-4475 concerns Yi Technology YI Home Camera 2 (version 2.1.1_20171024151200). The vulnerability is in an unknown function within the file home/web/ipc, leading to hard-coded credentials. Access to the local network is required for exploitation. Public disclosure has occurred, and the vend...

PT-2026-26569

A vulnerability was found in Yi Technology YI Home Camera 2 2.1.1 20171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a manipulation results in missing authentication. Access to the local network is required for this attac...

Yi Technology YI Home Camera 2 访问控制错误漏洞

The Yi Technology YI Home Camera 2 is an intelligent home camera device developed by China's Yi Technology Company. The version 2.1.120171024151200 of the Yi Technology YI Home Camera 2 has a vulnerability related to access control. This vulnerability stems from a lack of authentication in the...

Yi Technology YI Home Camera 2 数据伪造问题漏洞

The Yi Technology YI Home Camera 2 is an intelligent home camera device developed by China's Yi Technology Company. The version 2.1.120171024151200 of the Yi Technology YI Home Camera 2 has a data manipulation vulnerability. This vulnerability stems from improper encryption signature verification...

Yi Technology YI Home Camera 2 安全漏洞

The Yi Technology YI Home Camera 2 is an intelligent home camera device developed by China's Yi Technology Company. Version 2.1.120171024151200 of the Yi Technology YI Home Camera 2 contains a security vulnerability, which stems from the use of a hard-coded encryption key in the WPA/WPS component...

PT-2026-26568

A vulnerability has been found in Yi Technology YI Home Camera 2 2.1.1 20171024151200. The affected element is an unknown function of the file home/web/ipc. Such manipulation leads to hard-coded credentials. Access to the local network is required for this attack to succeed. The exploit has been...

PT-2026-26572

A vulnerability was identified in Yi Technology YI Home Camera 2 2.1.1 20171024151200. This impacts an unknown function of the file home/web/ipc of the component HTTP Firmware Update Handler. The manipulation leads to improper verification of cryptographic signature. The attack is possible to be...

PT-2026-26571

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.1 20171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

Yi Technology YI Home Camera 2 安全漏洞

The Yi Technology YI Home Camera 2 is an intelligent home camera device developed by China's Yi Technology Company. Version 2.1.120171024151200 of the Yi Technology YI Home Camera 2 contains a security vulnerability, which stems from hard-coded credentials in the home/web/ipc files...

D-Link多款产品 命令注入漏洞

D-Link DNS-120, etc., are products of D-Link Corporation from China. The D-Link DNS-120 is a network storage adapter. The D-Link DNR-202L is a network video camera. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection vulnerabilities, which stem...

czeview-meari-firmware

CZeView / Meari Camera — Root & Firmware Research Reverse eng...

jooan-ja-a52-root

Jooan JA-A52 A2RU Root Exploit Full root shell on the Joo...

Maintaining Security and Protecting Smart Home Devices from Hackers

Learn how to protect smart home devices from hackers. Strong passwords, updates and secure networks help keep cameras, sensors and data safe...

Apeman Cameras

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to take control of the device or view camera feeds. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize...

buffer-overflow-exploit-ip-camera-

buffe...

GHSA-2858-XG23-26FP OpenClaw: Node camera URL payload host-binding bypass allowed gateway fetch pivots

Summary OpenClaw accepted camera.snap / camera.clip node payload url fields and downloaded them on the gateway/agent host without binding downloads to the resolved node host. In OpenClaw's documented trust model, paired nodes are in the same operator trust boundary, so this is scoped as...

OpenClaw: Node camera URL payload host-binding bypass allowed gateway fetch pivots

Summary OpenClaw accepted camera.snap / camera.clip node payload url fields and downloaded them on the gateway/agent host without binding downloads to the resolved node host. In OpenClaw's documented trust model, paired nodes are in the same operator trust boundary, so this is scoped as...

Chrome flaw let extensions hijack Gemini’s camera, mic, and file access

Chrome’s Gemini “Live in Chrome” panel Gemini’s embedded, agent-style assistant mode within Chrome had a high‑severity vulnerability tracked as CVE‑2026‑0628. The flaw let a low‑privilege extension inject code into the Gemini side panel and inherit its powerful capabilities, including local file...

Pelco, Inc. Sarix Pro 3 Series IP Cameras

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain unauthorized access to sensitive device data, bypass surveillance controls, and expose facilities to privacy breaches, operational risks, and regulatory compliance issues. 2. RECOMMENDED PRACTICES CISA...

RTSP Unauthenticated Stream Exposure Checker

This Python script uses the OpenCV library cv2 to test whether an IP camera exposes its RTSP stream without authentication. It attempts to connect to the default RTSP endpoint rtsp://:554/default and checks if the stream can be opened and a video frame retrieved successfully. If the connection...