Vulnerabilities > Yealink > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-19 | CVE-2024-33109 | Path Traversal vulnerability in multiple products Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function. | 9.8 |
2024-02-08 | CVE-2024-24091 | OS Command Injection vulnerability in Yealink Meeting Server Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface. | 9.8 |
2023-08-22 | CVE-2020-24113 | Path Traversal vulnerability in Yealink W60B Firmware 77.83.0.85 Directory Traversal vulnerability in Contacts File Upload Interface in Yealink W60B version 77.83.0.85, allows attackers to gain sensitive information and cause a denial of service (DoS). | 9.1 |
2021-10-15 | CVE-2021-27561 | OS Command Injection vulnerability in Yealink Device Management 3.6.0.20 Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication. | 9.8 |
2019-05-29 | CVE-2018-16217 | OS Command Injection vulnerability in Yealink Ultra-Elegant IP Phone Sip-T41P Firmware 66.83.0.35 The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection. | 9.0 |
2014-08-03 | CVE-2013-5758 | OS Command Injection vulnerability in Yealink Sip-T38G cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running unauthorized services, changing directory permissions, and modifying files. | 9.0 |
2014-07-16 | CVE-2013-5755 | Credentials Management vulnerability in Yealink Sip-T38G config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM) for the var account, which makes it easier for remote attackers to obtain access via unspecified vectors. | 10.0 |