CVE-2025-29659

Description

Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.

PUBLISHED Reserved 2025-03-11 | Published 2025-04-21 | Updated 2025-04-21 | Assigner mitre

References

github.com/...nerability-research/tree/master/CVE-2025-29659 exploit

github.com/Yasha-ops/RCE-YiIOT

github.com/...nerability-research/tree/master/CVE-2025-29659

cve.org (CVE-2025-29659)

nvd.nist.gov (CVE-2025-29659)

Download JSON