329 matches found
CVE-2026-1735 Yealink MeetingBar A30 Diagnostic command injection
A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...
EUVD-2026-5110
A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...
CVE-2026-1735
A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...
CVE-2026-1735
The vulnerability CVE-2026-1735 affects Yealink MeetingBar A30 running version 133.321.0.3, specifically a weakness in the Diagnostic Handler that allows command injection. The attack is feasible on the physical device, and a public exploit is available per the description. The vendor was not res...
CVE-2026-1735 Yealink MeetingBar A30 Diagnostic command injection
A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...
Yealink MeetingBar A30 命令注入漏洞
The Yealink MeetingBar A30 is a video conference terminal produced by the Chinese company Yealink. The Yealink MeetingBar A30 version 133.321.0.3 has a command injection vulnerability. This vulnerability stems from certain unknown processing steps in the Diagnostic Handler component, which may le...
PT-2026-5588
A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...
CVE-2023-43959
An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
CVE-2021-27561
Yealink Device Management DM 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication...
CVE-2025-66737
Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...
CVE-2025-66738
An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
CVE-2025-66737
Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...
CVE-2025-66737
Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...
CVE-2025-66738
An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
CVE-2025-66738
An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
CVE-2025-66737
Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...
CVE-2025-66738
An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...
EUVD-2025-205448
Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...
CVE-2025-66737
CVE-2025-66737 affects Yealink T21P_E2 Phone 52.84.0.15. A directory traversal flaw exists in the Diagnostics Component Read function, allowing a remote attacker with normal privileges to read arbitrary files via a crafted request. Details across Red Hat, NVD, CIRCL, CNNVD, CVE listings confirm t...
PT-2025-53601
Name of the Vulnerable Software and Affected Versions Yealink T21P E2 Phone version 52.84.0.15 Description A flaw exists in the Yealink T21P E2 Phone that could allow a remote attacker with normal privileges to execute arbitrary code. This is possible through a crafted request targeting the ping...