Yi Technology YI Home Camera 2 HTTP Firmware Update Handler Cryptographic Signature Verification Vulnerability

Vulnerability

A vulnerability exists in the Yi Technology YI Home Camera 2, specifically in version 2.1.1_20171024151200. The issue arises in an unknown function within the file home/web/ipc, related to the HTTP firmware update handler. This vulnerability allows for improper verification of cryptographic signatures, potentially enabling remote exploitation. However, the complexity of successfully executing this attack is considered high, making it difficult to exploit.

Impact

Exploitation of this vulnerability could lead to unauthorized modifications or installations of firmware, potentially allowing for further exploitation of the device or its functionalities.

Added: Mar 20, 2026, 7:18 AM

Updated: Mar 20, 2026, 7:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

4.2

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

4.2

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Yi Technology YI Home Camera 2 HTTP Firmware Update Handler Cryptographic Signature Verification Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating