Описание
An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw, resulting in a firmware downgrade. An attacker can insert an SD card to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:yitechnology:yi_home_camera_firmware:1.8.7.0d:*:*:*:*:*:*:*
cpe:2.3:h:yitechnology:yi_home_camera:-:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
5.7 Medium
CVSS3
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
CVSS3: 4.6
github
больше 3 лет назад
An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw, resulting in a firmware downgrade. An attacker can insert an SD card to trigger this vulnerability.
EPSS
Процентиль: 18%
0.00056
Низкий
5.7 Medium
CVSS3
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other