CVE-2024-23727 - The YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android allow

CVE-2024-23727

Summary

The YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component.

References

https://github.com/actuator/yi/blob/main/com.kamivision.yismart.V1.0.0_20231219.md

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

29-03-2024 - 12:45

Published

28-03-2024 - 21:16

Last modified

29-03-2024 - 12:45