CyberSec.Space Logo
Back to CVE Browser

CVE-2018-3892

HIGH
8.1
CVSS Severity Score
EPSS Score0.0380%
EPSS Percentile5.54th
PublishedNov 2, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability.

Affected Platforms (CPE)

💻
Yitechnology

Yi Home Camera Firmware

= 1.8.7.0d

References & Advisories

🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0567
🔗 https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0567

Related Vulnerabilities

CVE-2018-39349.8

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A special...

CVE-2018-202999.8

An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware befor...

CVE-2018-39287.5

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A special...

CVE-2018-38906.8

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A special...