2 matches found
CVE-2018-3900
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability...
CVE-2018-3900
CVE-2018-3900 affects Yi Home Camera 27US 1.8.7.0D; a specially crafted QR code exploits the QR code scanning path to trigger a buffer overflow and remote code execution. The root cause lies in the QR base64 parsing/decoding flow (b64_decode) with unbounded output, allowing stack writes that can ...