Yi Technology YI Home Camera 2 Missing Authentication Vulnerability in CGI Endpoint

Vulnerability

A vulnerability exists in the Yi Technology YI Home Camera 2, specifically in version 2.1.1_20171024151200. The issue arises within an unknown function of the file home/web/ipc, related to the CGI Endpoint component. This vulnerability allows for missing authentication, but requires access to the local network to exploit.

Impact

Exploitation of this vulnerability could lead to unauthorized access or actions within the application, due to the missing authentication requirement.

Added: Mar 20, 2026, 7:27 AM

Updated: Mar 20, 2026, 7:27 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

5.0

exploitability

6.2

remediation

0.0

relevance

4.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

5.0

exploitability

6.2

remediation

0.0

relevance

4.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Yi Technology YI Home Camera 2 Missing Authentication Vulnerability in CGI Endpoint

Vulnerability

Impact

Affected Products

Yi Technology YI Home Camera 2

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating