CVE-2026-4477 in YI Home Camera
Summary
by MITRE • 03/20/2026
A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.1_20171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 03/26/2026
This vulnerability exists in Yi Technology YI Home Camera 2 firmware version 2.1.1_20171024151200 within the WPA/WPS component functionality. The issue stems from the improper implementation of wireless security protocols where hard-coded cryptographic keys are utilized instead of dynamically generated secure keys. This represents a critical flaw in the camera's wireless authentication mechanism that compromises the fundamental security of the device's network communications. The vulnerability specifically affects the WPA/WPS implementation which is responsible for establishing secure wireless connections between the camera and client devices.
The technical exploitation of this vulnerability requires an attacker to be within the local network perimeter, limiting the attack surface but not eliminating the risk entirely. The attack complexity is characterized as high due to the specialized knowledge required to manipulate the WPA/WPS functions and leverage the hard-coded keys effectively. The use of hard-coded cryptographic keys violates fundamental security principles and creates a persistent backdoor that can be exploited by any local network attacker with sufficient technical expertise. This weakness directly maps to CWE-327 which addresses the use of insecure or weak cryptographic algorithms, and CWE-310 which covers cryptographic issues related to key management.
The operational impact of this vulnerability is significant as it allows unauthorized local network users to potentially gain access to the camera's wireless communication channels without proper authentication. An attacker could intercept wireless traffic, perform man-in-the-middle attacks, or even gain control over the device's wireless configuration settings. The camera's security model is fundamentally compromised since the hard-coded keys provide a consistent attack vector that remains effective across device reboots and normal operations. This vulnerability undermines the entire purpose of wireless security protocols and exposes users to potential privacy violations and unauthorized access to their home surveillance systems.
Mitigation strategies should include immediate firmware updates from Yi Technology if available, network segmentation to isolate the camera from critical systems, and implementing additional network-level controls such as firewalls and access control lists. Network administrators should consider disabling WPS functionality entirely if it's not required for operations, as this protocol is inherently vulnerable to various attack vectors. The lack of vendor response to early disclosure highlights the importance of maintaining awareness of such vulnerabilities and implementing defensive measures proactively. Organizations should also consider network monitoring to detect unusual wireless traffic patterns that might indicate exploitation attempts. This vulnerability demonstrates the critical need for proper key management practices and adherence to security standards such as those outlined in the NIST SP 800-57 cryptographic standards for key lifecycle management. The public disclosure of this exploit underscores the urgency for users to implement compensating controls while awaiting official patches from the vendor, as the attack complexity does not necessarily prevent determined adversaries from successfully exploiting the weakness.