2 matches found
CVE-2026-12220
A vulnerability exists in Yealink SIP-T46U firmware 108.86.0.118 affecting the mod_upgrade.SparePartsUpload handler in /api/upgrade/accupgradebychunk. Manipulating the uid argument can cause a stack-based buffer overflow. Exploitation is described as local-network only, with public disclosure and...
PT-2026-49137
Name of the Vulnerable Software and Affected Versions Yealink SIP-T46U version 108.86.0.118 Description A stack-based buffer overflow occurs in the Firmware Chunk Upload Handler component within the sprintf function of the file /api/upgrade/upgrade. This issue is triggered by manipulating the...