Hard-Coded Credentials Vulnerability in Yi Technology YI Home Camera
CVE-2026-4475

8.7HIGH

Key Information:

Vendor: Yi Technology
Status: Yi Home Camera
Vendor: CVE Published:; 20 March 2026

🔔 Create Yi Technology Vulnerability Alert

What is CVE-2026-4475?

A vulnerability exists in the YI Home Camera 2 version 2.1.1_20171024151200, where an unknown function in the home/web/ipc file exposes hard-coded credentials. This flaw requires local network access to exploit, potentially allowing unauthorized access to sensitive information. This security issue has been disclosed publicly. Despite early contact, Yi Technology has not responded to inquiries regarding this vulnerability, raising concerns for users dependent on this IoT device.