CVE-2026-4477

LOW EPSS 12.3%

Published Mar 20, 20263mo ago · Modified Apr 29, 20262mo ago

1.3 CVSS 4.0

Low

Published Mar 20, 2026 3mo ago

Last Modified Apr 29, 2026 2mo ago

Description

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.1_20171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Details

Base Score

1.3

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Adjacent

Attack Complexity High

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

12.3% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 2

CWE-320

CWE-321

References 3

vuldb.com https://vuldb.com/?ctiid.351767
vuldb.com https://vuldb.com/?id.351767
vuldb.com https://vuldb.com/?submit.773095

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.