CVE-2018-3928

Published: Nov 1, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability.

Affected (1)

Products: Yitechnology: Yi Home Camera Firmware

1 product

Yi Home Camera Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Yitechnology Yi Home Camera Firmware	Version 1.8.7.0d

Running on/with	Platform Versions
Yitechnology Yi Home Camera	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0595

Source: talos-cna@cisco.com

ExploitTechnical DescriptionThird Party Advisory

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0595

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitTechnical DescriptionThird Party Advisory

Timeline

No history available yet.