Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ultra-elegant Ip Phone Sip-t41p Firmware Security Vulnerabilities

cve
cve

CVE-2018-16221

The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information (e.g., /etc/passwd) via path traversal...

8CVSS

7AI Score

0.001EPSS

2019-05-29 06:29 PM
80
cve
cve

CVE-2018-16218

A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the...

8.8CVSS

8.2AI Score

0.009EPSS

2019-05-29 06:29 PM
76
cve
cve

CVE-2018-16217

The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command...

8.8CVSS

7.8AI Score

0.002EPSS

2019-05-29 06:29 PM
83