13 matches found
CVE-2025-66737
Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...
CVE-2025-66738
An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
CVE-2025-66738
An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
Yealink T21P_E2 安全漏洞
Yealink T21PE2 is an IP Phone from China Yealink. A security vulnerability exists in Yealink T21PE2 Phone version 52.84.0.15, which stems from a path traversal issue in the Diagnostics Component Read function, which could allow a remote attacker to read arbitrary files...
CVE-2025-66738
An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
CVE-2025-66738
An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
PT-2025-53601
Name of the Vulnerable Software and Affected Versions Yealink T21P E2 Phone version 52.84.0.15 Description A flaw exists in the Yealink T21P E2 Phone that could allow a remote attacker with normal privileges to execute arbitrary code. This is possible through a crafted request targeting the ping...
PT-2025-53600
Name of the Vulnerable Software and Affected Versions Yealink T21P E2 Phone version 52.84.0.15 Description The Yealink T21P E2 Phone version 52.84.0.15 contains a directory traversal flaw. A remote attacker with normal privileges can read arbitrary files through a crafted request to the diagnosti...
CVE-2025-14228
A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...
CVE-2025-14228 Yealink SIP-T21P E2 Local Directory cross site scripting
A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...
EUVD-2025-201706
A weakness has been identified in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be...
CVE-2025-14228
CVE-2025-14228 affects Yealink SIP-T21P E2 (firmware 52.84.0.15). The issue is a cross-site scripting vulnerability in an unknown function of the Local Directory Page, allowing remote initiation of an attack. Public exploit code exists and has been reported through multiple feeds, with vendor con...
Yealink SIP-T21P E2 代码注入漏洞
Yealink SIP-T21P E2 is an enterprise IP phone from China Yealink. A code injection vulnerability exists in Yealink SIP-T21P E2 version 52.84.0.15, which originates from a cross-site scripting vulnerability in the local catalog page component...