CNNVD-202510-758 Information

CNNVD ID

CNNVD-202510-758

Related CVE

CVE-2025-59452

• CNNVD Published: 2025-10-06

Description (Chinese)

YoSmart YoLink API是美国YoSmart公司的一个智能家居管理接口。 YoSmart YoLink API存在安全漏洞，该漏洞源于使用基于设备MAC地址和MD5哈希的端点URL，可能导致信息泄露。

Description (English)

YoSmart YoLink API is an intelligent home management interface for YoSmart in the United States. YoSmart YoLink API has a security loophole, which stems from the use of end-point URLs based on the equipment MAC address and MD5H, which could lead to the disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

YoSmart

Published

2025-10-06

Last Modified

2026-02-24

References

https://bishopfox.com/blog/how-a-20-smart-device-gave-me-access-to-your-home https://shop.yosmart.com/pages/product-support https://bishopfox.com/blog/advisories https://access.redhat.com/security/cve/cve-2025-59452