Yitechnology

Yi Home Camera Firmware

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2018-3890

Exploit
  • EPSS 0.37%
  • Published 02.11.2018 17:29:00
  • Last modified 21.11.2024 04:06:14

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD ...

4.6

CVE-2018-3891

Exploit
  • EPSS 0.13%
  • Published 02.11.2018 17:29:00
  • Last modified 21.11.2024 04:06:14

An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw, resulting in a firmware downgrade. An attacker can insert an SD card to trig...

8.1

CVE-2018-3892

Exploit
  • EPSS 1.61%
  • Published 02.11.2018 17:29:00
  • Last modified 21.11.2024 04:06:14

An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network...

7.5

CVE-2018-3898

Exploit
  • EPSS 0.59%
  • Published 02.11.2018 17:29:00
  • Last modified 21.11.2024 04:06:15

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans_info call can overwrite a buffer...

7.5

CVE-2018-3899

Exploit
  • EPSS 0.73%
  • Published 02.11.2018 17:29:00
  • Last modified 21.11.2024 04:06:15

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans_info call can overwrite a buffer...

6.8

CVE-2018-3920

Exploit
  • EPSS 0.13%
  • Published 02.11.2018 17:29:00
  • Last modified 21.11.2024 04:06:18

An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can ...

9.8

CVE-2018-3934

Exploit
  • EPSS 0.22%
  • Published 02.11.2018 17:29:00
  • Last modified 21.11.2024 04:06:19

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff netwo...

7.5

CVE-2018-3935

Exploit
  • EPSS 0.44%
  • Published 02.11.2018 17:29:00
  • Last modified 21.11.2024 04:06:20

An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of p...

8.8

CVE-2018-3900

Exploit
  • EPSS 0.84%
  • Published 01.11.2018 15:29:00
  • Last modified 21.11.2024 04:06:15

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR ...

8

CVE-2018-3910

Exploit
  • EPSS 0.14%
  • Published 01.11.2018 15:29:00
  • Last modified 21.11.2024 04:06:16

An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker can cause a camera to connect to...