CVE-2026-4476 | Yi Technology YI Home Camera 2 2.1.1_20171024151200 CGI Endpoint home/web/ipc missing authentication

A vulnerability, which was classified as critical, has been found in Yi Technology YI Home Camera 2 2.1.1_20171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a manipulation results in missing authentication.

This vulnerability is known as CVE-2026-4476. Access to the local network is required for this attack. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4476 | Yi Technology YI Home Camera 2 2.1.1_20171024151200 CGI Endpoint home/web/ipc missing authentication

Post correlati

CVE-2023-7189 | S-CMS up to 2.0_build20220529-20231006 index.php lid sql injection

CVE-2024-22515 | iSpyConnect Agent DVR 5.1.6.0 Upload Audio unrestricted upload

CVE-2025-40019 | Linux Kernel up to 5.15.194/6.1.156/6.6.112/6.12.53/6.17.3 crypto essiv_aead_crypt privilege escalation

CVE-2025-54229 | Adobe Framemaker up to 2020.8/2022.6 File use after free (apsb25-83)