CVE-2024-56897

Published Feb 24, 2025

Last updated 4 days ago

Overview

Description
Improper access control in the HTTP server in YI Car Dashcam v3.88 allows unrestricted file downloads, uploads, and API commands. API commands can also be made to make unauthorized modifications to the device settings, such as disabling recording, disabling sounds, factory reset.
Source
cve@mitre.org
NVD status
Received

Social media

Hype score
Not currently trending

  1. CVE-2024-56897 Improper access control in the HTTP server in YI Car Dashcam v3.88 allows unrestricted file downloads, uploads, and API commands. API commands can also be made to mak… https://t.co/CNenbDcJmE

    @CVEnew

    24 Feb 2025

    276 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References