← Back

Yi Home

yi_home

Vendor: Yitechnology • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-3935
1Yitechnology
2Yi Home
Yi Home Camera Firmware
Nov 21, 2024
Nov 2, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. A...Show more
An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability.Show less
CVE-2018-3947
1Yitechnology
2Yi Home
Yi Home Camera Firmware
Nov 21, 2024
Nov 1, 2018
N/A· v4
8.1 HIGH· v3
4.3 MEDIUM· v2
An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 1.8.7.0D. An attacker can sniff network traffic to exploit this vulnerability.
CVE-2018-3910
1Yitechnology
2Yi Home
Yi Home Camera Firmware
Nov 21, 2024
Nov 1, 2018
N/A· v4
8.0 HIGH· v3
5.4 MEDIUM· v2
An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker ca...Show more
An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker can cause a camera to connect to this SSID to trigger this vulnerability. Alternatively, an attacker can convince a user to connect their camera to this SSID.Show less
CVE-2018-3900
1Yitechnology
2Yi Home
Yi Home Camera Firmware
Nov 21, 2024
Nov 1, 2018
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker...Show more
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability. Alternatively, a user could be convinced to display a QR code from the internet to their camera, which could exploit this vulnerability.Show less