WPA/WPS Vulnerability in Yi Technology YI Home Camera 2
CVE-2026-4477

2.3LOW

Key Information:

Vendor

Yi Technology

Status
Yi Home Camera
Vendor
CVE Published:
20 March 2026

What is CVE-2026-4477?

A vulnerability exists in the Yi Technology YI Home Camera 2, where an unknown function related to WPA/WPS utilizes hard-coded cryptographic keys. Although the manipulation for exploitation can only occur within a local network, it presents a significant risk as the exploit has been publicly disclosed. The complexity involved in successfully executing this attack is rated as high, contributing to its potential danger. Attempts to notify Yi Technology of this issue have gone unanswered, underscoring the importance of addressing vulnerabilities promptly in connected devices.

Affected Version(s)

YI Home Camera 2 2.1.1_20171024151200

References

https://vuldb.com/?id.351767
vdb-entry
https://vuldb.com/?ctiid.351767
signaturepermissions-required
https://vuldb.com/?submit.773095
third-party-advisory

CVSS V4

Score:
2.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

0rbitingZer0 (VulDB User)
VulDB
.