Search criteria
4 vulnerabilities found for xy-3820_firmware by yiiot
CVE-2025-29660 (GCVE-0-2025-29660)
Vulnerability from nvd – Published: 2025-04-21 00:00 – Updated: 2025-04-21 15:09
VLAI?
Summary
A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present on the device by sending specially crafted TCP requests using directory traversal techniques.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-29660",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-21T15:07:57.770925Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T15:09:08.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present on the device by sending specially crafted TCP requests using directory traversal techniques."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T14:48:26.540Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Yasha-ops/RCE-YiIOT"
},
{
"url": "https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29660"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-29660",
"datePublished": "2025-04-21T00:00:00.000Z",
"dateReserved": "2025-03-11T00:00:00.000Z",
"dateUpdated": "2025-04-21T15:09:08.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-29659 (GCVE-0-2025-29659)
Vulnerability from nvd – Published: 2025-04-21 00:00 – Updated: 2025-04-21 15:01
VLAI?
Summary
Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-29659",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-21T15:00:11.349807Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T15:01:10.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29659"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the \"cmd_listen\" function located in the \"cmd\" binary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T14:28:03.430Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Yasha-ops/RCE-YiIOT"
},
{
"url": "https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29659"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-29659",
"datePublished": "2025-04-21T00:00:00.000Z",
"dateReserved": "2025-03-11T00:00:00.000Z",
"dateUpdated": "2025-04-21T15:01:10.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-29660 (GCVE-0-2025-29660)
Vulnerability from cvelistv5 – Published: 2025-04-21 00:00 – Updated: 2025-04-21 15:09
VLAI?
Summary
A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present on the device by sending specially crafted TCP requests using directory traversal techniques.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-29660",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-21T15:07:57.770925Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T15:09:08.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to execute arbitrary scripts present on the device by sending specially crafted TCP requests using directory traversal techniques."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T14:48:26.540Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Yasha-ops/RCE-YiIOT"
},
{
"url": "https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29660"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-29660",
"datePublished": "2025-04-21T00:00:00.000Z",
"dateReserved": "2025-03-11T00:00:00.000Z",
"dateUpdated": "2025-04-21T15:09:08.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-29659 (GCVE-0-2025-29659)
Vulnerability from cvelistv5 – Published: 2025-04-21 00:00 – Updated: 2025-04-21 15:01
VLAI?
Summary
Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-29659",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-21T15:00:11.349807Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T15:01:10.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29659"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the \"cmd_listen\" function located in the \"cmd\" binary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T14:28:03.430Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/Yasha-ops/RCE-YiIOT"
},
{
"url": "https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-29659"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-29659",
"datePublished": "2025-04-21T00:00:00.000Z",
"dateReserved": "2025-03-11T00:00:00.000Z",
"dateUpdated": "2025-04-21T15:01:10.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}