2 matches found
Yi Technology Home Camera cloudAPI SSID Code Execution (CVE-2018-3910)
A remote code execution vulnerability exists in Yi Home Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2018-3910
Yi Home Camera 27US 1.8.7.0D is affected by CVE-2018-3910 in the cloud OTA setup. Cisco Talos reports an exploitable remote code execution via a crafted SSID that triggers a command injection in the cloudAPI flow, which can be executed on the device after the camera connects to the attacker’s SSI...