Tattile Camera < 1.181.5 - Default Login

Tattile Smart+, Vega, and Basic device families firmware = 1.181.5 contain a broken authentication caused by default credentials not forced to be changed, letting attackers with management interface access gain administrative privileges. id: CVE-2026-26341 info: name: Tattile Camera 1.181.5 -...

Yi IoT Home Camera Riddled with Code-Execution Vulnerabilities

Multiple vulnerabilities in the firmware used by the Yi Technology Home Camera version 27US have been found, which could allow remote code-execution on the connected devices. The Yi Home Camera i27US is one of the newer IoT camera models sold in the U.S. It’s an entry-level gadget, which lets...

Yi Technology Home Camera 27US QR Code Base64 Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability...

Security Glitch in IoT Camera Enabled Remote Monitoring

Swann has patched a flaw in its connected cameras that would allow a remote attacker to access their video feeds. A research team, consisting of Andrew Tierney, Chris Wade and Ken Munro from Pen Test Partners, as well as security researchers Alan Woodward, Scott Helme and Vangelis Stykas, develop...