Skip to main content

Yi Home Camera Firmware CVE-2018-3900

HIGH
Buffer Overflow (CWE-119)
2018-11-01 talos-cna@cisco.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Nov 01, 2018 - 15:29 nvd
HIGH 8.8

DescriptionNVD

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability. Alternatively, a user could be convinced to display a QR code from the internet to their camera, which could exploit this vulnerability.

AnalysisAI

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability. Alternatively, a user could be convinced to display a QR code from the internet to their camera, which could exploit this vulnerability. Affected products include: Yitechnology Yi Home Camera Firmware, Yitechnology Yi Home.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2018-3934 CRITICAL POC
9.8 Nov 02

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D.

CVE-2018-3892 HIGH POC
8.1 Nov 02

An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D

CVE-2018-3947 HIGH POC
8.1 Nov 01

An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US

CVE-2018-3910 HIGH POC
8.0 Nov 01

An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D.

CVE-2018-3935 HIGH POC
7.5 Nov 02

An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. Rat

CVE-2018-3899 HIGH POC
7.5 Nov 02

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D

CVE-2018-3898 HIGH POC
7.5 Nov 02

An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D

CVE-2018-3928 HIGH POC
7.5 Nov 01

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D.

CVE-2018-3920 MEDIUM POC
6.8 Nov 02

An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7

CVE-2018-3890 MEDIUM POC
6.8 Nov 02

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D.

CVE-2018-3891 MEDIUM POC
4.6 Nov 02

An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7

Share

CVE-2018-3900 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy