CVE-2018-3947

CWE-200Information Exposure3 documents3 sources
Severity
8.1HIGH
EPSS
0.5%
top 32.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
YI YI TechnologyYitechnology YI Home Camera Firmware
Timeline
PublishedNov 1
Latest updateMay 13

Description

An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 1.8.7.0D. An attacker can sniff network traffic to exploit this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5yi/yi_technologyYi Technology Home Camera 27US 1.8.7.0D

🔴Vulnerability Details

2
GHSA
GHSA-p6vg-q7p3-vh4v: An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 12022-05-13
CVEList
CVE-2018-3947: An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 12018-11-01
CVE-2018-3947 (HIGH CVSS 8.1) | An exploitable information disclosu | cvebase.io