{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T18:36:39.529","vulnerabilities":[{"cve":{"id":"CVE-2018-3910","sourceIdentifier":"talos-cna@cisco.com","published":"2018-11-01T15:29:00.300","lastModified":"2024-11-21T04:06:16.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker can cause a camera to connect to this SSID to trigger this vulnerability. Alternatively, an attacker can convince a user to connect their camera to this SSID."},{"lang":"es","value":"Existe una vulnerabilidad explotable de ejecución de código en la funcionalidad de configuración OTA de la nube de Yi Home Camera 27US 1.8.7.0D. Un SSID especialmente manipulado puede provocar una inyección de comandos que daría lugar a la ejecución de código. Un atacante puede hacer que la cámara se conecte a este SSID para provocar esta vulnerabilidad. Además, un atacante puede convencer a un usuario para que conecte su cámara a este SSID."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:M/Au:N/C:P/I:P/A:P","baseScore":5.4,"accessVector":"ADJACENT_NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":5.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:yitechnology:yi_home_camera_firmware:1.8.7.0d:*:*:*:*:*:*:*","matchCriteriaId":"B11F5A23-96F7-4FC9-B5DB-FC1D9F5C00C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:yitechnology:yi_home_camera:-:*:*:*:*:*:*:*","matchCriteriaId":"D317FA89-351E-4921-B72B-4EC3FFA18791"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yitechnology:yi_home:-:*:*:*:*:*:*:*","matchCriteriaId":"393CCEBE-0D15-4B2D-A147-FE9F4FCA4228"}]}]}],"references":[{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0580","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0580","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}