Cisco Blogs

Vulnerability Spotlight: Multiple Vulnerabilities in Yi Technology Home Camera

October 31, 2018 - 0 Comments

Vulnerabilities Discovered by Lilith [x_x] of Cisco Talos.


Cisco Talos is disclosing multiple vulnerabilities in the firmware of the Yi Technology Home Camera. In order to prevent the exploitation of these vulnerabilities, Talos worked with Yi Technology to make sure a newer version of the firmware is available to users. These vulnerabilities could allow an attacker to gain remote code execution on the devices via a command injection, bypass methods of network authentication, or disable the device.

The Yi Home Camera is an internet-of-things (IoT) home camera sold globally. The 27US version is one of the newer models sold in the U.S. and is the most basic model out of the Yi Technology camera lineup.

It includes all the functions that one would expect from an IoT device, including the ability to view the camera’s feed from anywhere, offline storage, subscription-based cloud storage and easy setup.

Read the complete details here

Leave a comment

We'd love to hear from you! Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed and HTML formatting will not appear.