Yi Technology
Yi Home Camera 1: unmaintained firmware, active CVEs
Early Yi Home cameras (2015) run on aging Xiongmai firmware affected by critical CVEs. The firmware is no longer actively maintained.
- Risk level
- High risk
- Category
- Cameras and security
- Last reviewed
- 2026-05-23
- Confidence
- medium
Support status
Poorly maintained firmware: check for updates on the Yi website. Mirai/Xiongmai CVEs affect these cameras.
Typical symptoms
- Camera recruited into a Mirai botnet
- Telnet access active by default
- Default admin password not changed
Fixes to try
- Change the admin password immediately
- Update firmware via the Yi app
- Disable Telnet access if available
- Place behind a firewall without WAN exposure