admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-56897.md

19 lines
845 B
Markdown
Raw Normal View History

Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
### [CVE-2024-56897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56897)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)
Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
### Description
Improper access control in the HTTP server in YI Car Dashcam v3.88 allows unrestricted file downloads, uploads, and API commands. API commands can also be made to make unauthorized modifications to the device settings, such as disabling recording, disabling sounds, factory reset.
### POC
#### Reference
Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00
- https://geochen.medium.com/cve-2024-56897-yi-car-dashcam-39304a4b21b4
Update CVE sources 2025-09-29 16:08
2025-09-29 16:08:36 +00:00
#### Github
- https://github.com/geo-chen/YI-Smart-Dashcam
- https://github.com/plzheheplztrying/cve_monitor
Reference in New Issue Copy Permalink