Yiiot

yiiot

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-29660 1Yiiot 1Xy 3820 Firmware Jun 23, 2025 Apr 21, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present...Show more A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present on the device by sending specially crafted TCP requests using directory traversal techniques.Show less
CVE-2025-29659 1Yiiot 1Xy 3820 Firmware Jun 23, 2025 Apr 21, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2025-29660

1Yiiot

1Xy 3820 Firmware

Jun 23, 2025

Apr 21, 2025

N/A· v4

9.8 CRITICAL· v3

N/A· v2

A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present...Show more

CVE-2025-29659