Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Yi Technology YI Home Camera HTTP Firmware Update ipc signature verification
Vulnerability Description
A vulnerability was identified in Yi Technology YI Home Camera 2 2.1.1_20171024151200. This impacts an unknown function of the file home/web/ipc of the component HTTP Firmware Update Handler. The manipulation leads to improper verification of cryptographic signature. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is said to be difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
密码学签名的验证不恰当
Vulnerability Title
Yi Technology YI Home Camera 2 数据伪造问题漏洞
Vulnerability Description
Yi Technology YI Home Camera 2是中国Yi Technology公司的一款智能家用摄像设备。 Yi Technology YI Home Camera 2 2.1.1_20171024151200版本存在数据伪造问题漏洞,该漏洞源于组件HTTP Firmware Update Handler的文件home/web/ipc存在加密签名验证不当。
CVSS Information
N/A
Vulnerability Type
N/A