Lucene search
HistoryAug 03, 2014 - 6:55 p.m.
CVE-2013-5756
yealink
voip
phone
sip-t38g
directory traversal
vulnerability
cve-2013-5756
nvd
cgi-bin
cgiserver.exx
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.0%
Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a … (dot dot) in the page parameter to cgi-bin/cgiServer.exx.
Affected configurations
Node
yealinksip-t38gMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| yealink:sip-t38g | yealink sip-t38g | eq | - |
References
Related
nvd
nvd
CVE-2013-5756
2014-08-03 18:55:04
cvelist
cvelist
CVE-2013-5756
2014-08-03 18:00:00
prion
prion
Directory traversal
2014-08-03 18:55:00
packetstorm
packetstorm
Yealink VoIP Phone SIP-T38G Local File Inclusion
2014-06-13 00:00:00
exploitpack
exploitpack
Yealink VoIP Phone SIP-T38G - Local File Inclusion
2014-06-13 00:00:00
seebug
seebug
Yealink VoIP Phone SIP-T38G - Local File Inclusion
2014-07-01 00:00:00
zdt
zdt
Yealink VoIP Phone SIP-T38G - Multiple Vulnerabilities
2014-06-14 00:00:00
exploitdb
exploitdb
Yealink VoIP Phone SIP-T38G - Local File Inclusion
2014-06-13 00:00:00
openvas
openvas
Yealink VoIP Phone SIP-T38G Multiple Vulnerabilities
2014-06-20 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.0%
Related for CVE-2013-5756