CVE-2026-4476

MEDIUM NVD

CVSS Score 6.3

Severity MEDIUM

Published Mar 20, 2026

Vendor unknown

Description

A vulnerability was found in Yi Technology YI Home Camera 2 2.1.1_20171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a manipulation results in missing authentication. Access to the local network is required for this attack. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

References

https://vuldb.com/?ctiid.351766
https://vuldb.com/?id.351766
https://vuldb.com/?submit.773070