Skip to main content

Yeelight Classic

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-8210 LOW POC Monitor

Improper export of Android application components in Yeelink Yeelight App up to version 3.5.4 allows local attackers with user-level privileges to access sensitive application functions through the AndroidManifest.xml configuration of the com.yeelight.cherry component. The vulnerability has a very low real-world impact (CVSS 1.9, EPSS 0.03%) despite public exploit availability, as exploitation requires local device access and user-level privileges, limiting practical attack scenarios to compromised or physically accessible devices.

Information Disclosure Google Yeelight Classic
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-8210
EPSS 0% CVSS 1.9
LOW POC Monitor

Improper export of Android application components in Yeelink Yeelight App up to version 3.5.4 allows local attackers with user-level privileges to access sensitive application functions through the AndroidManifest.xml configuration of the com.yeelight.cherry component. The vulnerability has a very low real-world impact (CVSS 1.9, EPSS 0.03%) despite public exploit availability, as exploitation requires local device access and user-level privileges, limiting practical attack scenarios to compromised or physically accessible devices.

Information Disclosure Google Yeelight Classic
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy