Vulnerability-Lookup

CVE-2018-3890 (GCVE-0-2018-3890)

Vulnerability from cvelistv5 – Published: 2018-11-02 17:00 – Updated: 2024-08-05 04:57

Summary

Severity ?

7.6 (High)


                        
                          CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

command injection

Assigner

talos

References

URL

	Vendor	Product	Version
	unknown	Yi Technology	Affected: Yi Technology Home Camera 27US 1.8.7.0D

VAR-201811-0490

Vulnerability from variot - Updated: 2025-01-30 22:26

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability. Yi Home Camera Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. YiHomeCamera is a globally sold IoT home camera. Yi Home Camera 27US is a network camera product of Yi Technology Company in the United States

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201811-0490",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "yi home camera",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "yitechnology",
        "version": "1.8.7.0d"
      },
      {
        "model": "home camera",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "yi",
        "version": "27us 1.8.7.0d"
      },
      {
        "model": "technology home camera 27us 1.8.7.0d",
        "scope": null,
        "trust": 0.6,
        "vendor": "yi",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3890"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:yitechnology:yi_home_camera_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      }
    ]
  },
  "cve": "CVE-2018-3890",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-3890",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2018-22808",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-133921",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "id": "CVE-2018-3890",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "talos-cna@cisco.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "id": "CVE-2018-3890",
            "impactScore": 6.0,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Physical",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.8,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-3890",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-3890",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "talos-cna@cisco.com",
            "id": "CVE-2018-3890",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-3890",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-22808",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201811-032",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-133921",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-3890",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133921"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3890"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3890"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability. Yi Home Camera Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. YiHomeCamera is a globally sold IoT home camera. Yi Home Camera 27US is a network camera product of Yi Technology Company in the United States",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-3890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133921"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3890"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-3890",
        "trust": 3.3
      },
      {
        "db": "TALOS",
        "id": "TALOS-2018-0565",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808",
        "trust": 0.6
      },
      {
        "db": "OTHER",
        "id": "NONE",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-97636",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-133921",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3890",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133921"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3890"
      }
    ]
  },
  "id": "VAR-201811-0490",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133921"
      }
    ],
    "trust": 1.8
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "camera device"
        ],
        "sub_category": "smart home camera",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      }
    ]
  },
  "last_update_date": "2025-01-30T22:26:24.197000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://www.yitechnology.com/"
      },
      {
        "title": "Patch for YiHomeCamera Code Execution Vulnerability (CNVD-2018-22808)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/144199"
      },
      {
        "title": "Yi Home Camera Fixes for code injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86576"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2018-3890 "
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/yi-iot-home-camera-riddled-with-code-execution-vulnerabilities/138741/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-78",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-77",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-133921"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3890"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://www.talosintelligence.com/vulnerability_reports/talos-2018-0565"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-3890"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3890"
      },
      {
        "trust": 0.6,
        "url": "https://talosintelligence.com/vulnerability_reports/talos-2018-0565"
      },
      {
        "trust": 0.1,
        "url": "https://ieeexplore.ieee.org/abstract/document/10769424"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/78.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2018-3890"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://threatpost.com/yi-iot-home-camera-riddled-with-code-execution-vulnerabilities/138741/"
      }
    ],
    "sources": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133921"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3890"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "OTHER",
        "id": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "db": "VULHUB",
        "id": "VHN-133921"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-3890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-3890"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-11-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "date": "2018-11-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-133921"
      },
      {
        "date": "2018-11-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-3890"
      },
      {
        "date": "2019-01-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "date": "2018-11-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      },
      {
        "date": "2018-11-02T17:29:00.240000",
        "db": "NVD",
        "id": "CVE-2018-3890"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-11-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-22808"
      },
      {
        "date": "2023-02-02T00:00:00",
        "db": "VULHUB",
        "id": "VHN-133921"
      },
      {
        "date": "2023-02-02T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-3890"
      },
      {
        "date": "2019-01-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      },
      {
        "date": "2022-04-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      },
      {
        "date": "2024-11-21T04:06:14.737000",
        "db": "NVD",
        "id": "CVE-2018-3890"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Yi Home Camera Command injection vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011708"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "operating system commend injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-032"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2018-22808

Vulnerability from cnvd - Published: 2018-11-09

Title

Yi Home Camera代码执行漏洞（CNVD-2018-22808）

Description

Yi Home Camera是一款全球销售的物联网家用相机。 Yi Home Camera 27US 1.8.7.0D的固件更新功能存在代码执行漏洞。攻击者可通过插入SD卡并通过特制文件利用该漏洞导致逻辑缺陷并实现命令注入，从而可实现代码执行。

Severity

高

Patch Name

Yi Home Camera代码执行漏洞（CNVD-2018-22808）的补丁

Patch Description

Yi Home Camera是一款全球销售的物联网家用相机。 Yi Home Camera 27US 1.8.7.0D的固件更新功能存在代码执行漏洞。攻击者可通过插入SD卡并通过特制文件利用该漏洞导致逻辑缺陷并实现命令注入，从而可实现代码执行。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://www.yitechnology.com/

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-3890

Impacted products

Name
YI Technology Home Camera 27US 1.8.7.0D

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-3890"
    }
  },
  "description": "Yi Home Camera\u662f\u4e00\u6b3e\u5168\u7403\u9500\u552e\u7684\u7269\u8054\u7f51\u5bb6\u7528\u76f8\u673a\u3002\n\nYi Home Camera 27US 1.8.7.0D\u7684\u56fa\u4ef6\u66f4\u65b0\u529f\u80fd\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u63d2\u5165SD\u5361\u5e76\u901a\u8fc7\u7279\u5236\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u903b\u8f91\u7f3a\u9677\u5e76\u5b9e\u73b0\u547d\u4ee4\u6ce8\u5165\uff0c\u4ece\u800c\u53ef\u5b9e\u73b0\u4ee3\u7801\u6267\u884c\u3002",
  "discovererName": "Lilith (\u003e_\u003e) of Cisco Talos",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.yitechnology.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-22808",
  "openTime": "2018-11-09",
  "patchDescription": "Yi Home Camera\u662f\u4e00\u6b3e\u5168\u7403\u9500\u552e\u7684\u7269\u8054\u7f51\u5bb6\u7528\u76f8\u673a\u3002\r\n\r\nYi Home Camera 27US 1.8.7.0D\u7684\u56fa\u4ef6\u66f4\u65b0\u529f\u80fd\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u63d2\u5165SD\u5361\u5e76\u901a\u8fc7\u7279\u5236\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u903b\u8f91\u7f3a\u9677\u5e76\u5b9e\u73b0\u547d\u4ee4\u6ce8\u5165\uff0c\u4ece\u800c\u53ef\u5b9e\u73b0\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Yi Home Camera\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2018-22808\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "YI Technology Home Camera 27US 1.8.7.0D"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-3890",
  "serverity": "\u9ad8",
  "submitTime": "2018-11-06",
  "title": "Yi Home Camera\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2018-22808\uff09"
}

GSD-2018-3890

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-3890

Aliases

CVE-2018-3890

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-3890",
    "description": "An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability.",
    "id": "GSD-2018-3890"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-3890"
      ],
      "details": "An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability.",
      "id": "GSD-2018-3890",
      "modified": "2023-12-13T01:22:43.229977Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "talos-cna@cisco.com",
        "ID": "CVE-2018-3890",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Yi Technology",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Yi Technology Home Camera 27US 1.8.7.0D"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "unknown"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability."
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": 7.6,
          "baseSeverity": "High",
          "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "command injection"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565",
            "refsource": "MISC",
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:yitechnology:yi_home_camera_firmware:1.8.7.0d:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:yitechnology:yi_home_camera:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "ID": "CVE-2018-3890"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 0.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-02-02T01:58Z",
      "publishedDate": "2018-11-02T17:29Z"
    }
  }
}

GHSA-7Q2C-44RW-VXCC

Vulnerability from github – Published: 2022-05-13 01:02 – Updated: 2022-05-13 01:02

Details

Severity ?

6.8 (Medium)


                  
                    CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-3890"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-02T17:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability.",
  "id": "GHSA-7q2c-44rw-vxcc",
  "modified": "2022-05-13T01:02:01Z",
  "published": "2022-05-13T01:02:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3890"
    },
    {
      "type": "WEB",
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2018-3890

Vulnerability from fkie_nvd - Published: 2018-11-02 17:29 - Updated: 2024-11-21 04:06

Severity ?

6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	talos-cna@cisco.com	https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565	Exploit, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	yitechnology	yi_home_camera_firmware	1.8.7.0d
	yitechnology	yi_home_camera	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:yitechnology:yi_home_camera_firmware:1.8.7.0d:*:*:*:*:*:*:*",
              "matchCriteriaId": "B11F5A23-96F7-4FC9-B5DB-FC1D9F5C00C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:yitechnology:yi_home_camera:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D317FA89-351E-4921-B72B-4EC3FFA18791",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad explotable de ejecuci\u00f3n de c\u00f3digo en la funcionalidad de actualizaci\u00f3n de firmware de Yi Home Camera 27US 1.8.7.0D. Un archivo especialmente manipulado puede provocar un error de l\u00f3gica y una inyecci\u00f3n de comandos que dar\u00eda lugar a la ejecuci\u00f3n de c\u00f3digo. Un atacante puede insertar una tarjeta SD para provocar esta vulnerabilidad."
    }
  ],
  "id": "CVE-2018-3890",
  "lastModified": "2024-11-21T04:06:14.737",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 6.0,
        "source": "talos-cna@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-02T17:29:00.240",
  "references": [
    {
      "source": "talos-cna@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0565"
    }
  ],
  "sourceIdentifier": "talos-cna@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-3890 (GCVE-0-2018-3890)

VAR-201811-0490

CNVD-2018-22808

GSD-2018-3890

GHSA-7Q2C-44RW-VXCC

FKIE_CVE-2018-3890

Tags

Sightings

Nomenclature