Yi Home Camera Firmware Security Vulnerabilities and Issues — Yi Home Camera Firmware CVE List

Lucene search

YitechnologyYi Home Camera Firmware

4 matches found

CVE•added 2018/11/01 3:29 p.m.•48 views

CVE-2018-3900

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability. Alternatively...

9.1CVSS8.9AI score0.00835EPSS

CVE•added 2018/11/02 5:29 p.m.•44 views

CVE-2018-3892

An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability.

9.6CVSS8.2AI score0.01614EPSS

CVE•added 2018/11/01 3:29 p.m.•44 views

CVE-2018-3947

An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 1.8.7.0D. An attacker can sniff network traffic to exploit this vulnerability.

9CVSS7.5AI score0.00502EPSS

CVE•added 2018/11/02 5:29 p.m.•43 views

CVE-2018-3934

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of packets to trigger t...

9.8CVSS9.6AI score0.00224EPSS