CVE-2023-43959

An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

CVE-2025-66737

Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

CVE-2025-66737

Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...

PT-2025-53600

Name of the Vulnerable Software and Affected Versions Yealink T21P E2 Phone version 52.84.0.15 Description The Yealink T21P E2 Phone version 52.84.0.15 contains a directory traversal flaw. A remote attacker with normal privileges can read arbitrary files through a crafted request to the diagnosti...

CVE-2025-66737

Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...

CVE-2025-66737

CVE-2025-66737 affects Yealink T21P_E2 Phone 52.84.0.15. A directory traversal flaw exists in the Diagnostics Component Read function, allowing a remote attacker with normal privileges to read arbitrary files via a crafted request. Details across Red Hat, NVD, CIRCL, CNNVD, CVE listings confirm t...

EUVD-2025-205450

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

EUVD-2023-48319

Malicious code in bioql PyPI...

EUVD-2022-40470

Malicious code in bioql PyPI...

CVE-2023-43959

An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

CVE-2023-43959

An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

YeaLink SIP-T19P-E2 OS Command Injection Vulnerability

YeaLink SIP-T19P-E2 is a VOIP phone from China YeaLink. A security vulnerability exists in YeaLink SIP-T19P-E2 version v.53.84.0.15, which originates from a vulnerability that allows a privileged attacker to execute arbitrary code via a specially crafted request via the ping feature of the...

CVE-2023-43959

An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

CVE-2022-37861

There is a remote code execution RCE vulnerability in Tenhot TWS-100 V4.0-201809201424 router device. It is necessary to know that the device account password is allowed to escape the execution system command through the network tools in the network diagnostic component...

Remote code execution

There is a remote code execution RCE vulnerability in Tenhot TWS-100 V4.0-201809201424 router device. It is necessary to know that the device account password is allowed to escape the execution system command through the network tools in the network diagnostic component...

CVE-2022-37861

There is a remote code execution RCE vulnerability in Tenhot TWS-100 V4.0-201809201424 router device. It is necessary to know that the device account password is allowed to escape the execution system command through the network tools in the network diagnostic component...

Google Android DIAG Access Control Error Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which DIAG is a diagnostic component. An access control error vulnerability exists in DIAG in Android. No detailed vulnerability details are provided at this time...