Vulnerabilities > Yealink > SIP T28P Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-09-19 CVE-2024-33109 Path Traversal vulnerability in multiple products
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function.
network
low complexity
ergophone yealink CWE-22
critical
9.8