Yiiot Xy-3820 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Yiiot Xy-3820 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-29659 — CVSS 9.8 (critical): Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.
CVE-2025-29660 — CVSS 9.8 (critical): A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks…