Lucene search
K

329 matches found

Vulnrichment
Vulnrichment
added 2026/02/02 12:2 a.m.4 views

CVE-2026-1735 Yealink MeetingBar A30 Diagnostic command injection

A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...

4.6CVSS5AI score0.01173EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/02 12:2 a.m.10 views

EUVD-2026-5110

A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...

4.6CVSS5AI score0.01173EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/02 12:2 a.m.5 views

CVE-2026-1735

A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...

4.6CVSS5.6AI score0.01173EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/02/02 12:2 a.m.26 views

CVE-2026-1735

The vulnerability CVE-2026-1735 affects Yealink MeetingBar A30 running version 133.321.0.3, specifically a weakness in the Diagnostic Handler that allows command injection. The attack is feasible on the physical device, and a public exploit is available per the description. The vendor was not res...

4.6CVSS5.6AI score0.01173EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/02 12:2 a.m.34 views

CVE-2026-1735 Yealink MeetingBar A30 Diagnostic command injection

A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...

4.6CVSS0.01173EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.9 views

Yealink MeetingBar A30 命令注入漏洞

The Yealink MeetingBar A30 is a video conference terminal produced by the Chinese company Yealink. The Yealink MeetingBar A30 version 133.321.0.3 has a command injection vulnerability. This vulnerability stems from certain unknown processing steps in the Diagnostic Handler component, which may le...

4.6CVSS5.8AI score0.01173EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/02 12:0 a.m.12 views

PT-2026-5588

A weakness has been identified in Yealink MeetingBar A30 133.321.0.3. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection. It is feasible to perform the attack on the physical device. The exploit has been made available to the...

4.6CVSS5.6AI score0.01173EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.8 views

CVE-2023-43959

An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

8.8CVSS7.8AI score0.01605EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:29 a.m.7 views

CVE-2021-27561

Yealink Device Management DM 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication...

10CVSS7.4AI score0.82516EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/27 12:5 a.m.14 views

CVE-2025-66737

Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...

4.3CVSS6.8AI score0.00619EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/27 12:5 a.m.4 views

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

8.8CVSS7.8AI score0.00595EPSS
Exploits1References1
NVD
NVD
added 2025/12/26 5:15 p.m.3 views

CVE-2025-66737

Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...

4.3CVSS0.00619EPSS
Exploits1References2
OSV
OSV
added 2025/12/26 5:15 p.m.4 views

CVE-2025-66737

Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...

4.3CVSS6AI score0.00619EPSS
Exploits1References2
NVD
NVD
added 2025/12/26 4:15 p.m.4 views

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

8.8CVSS0.00595EPSS
Exploits1References2
OSV
OSV
added 2025/12/26 4:15 p.m.3 views

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

8.8CVSS6.2AI score0.00595EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/26 12:0 a.m.2 views

CVE-2025-66737

Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...

6.5AI score0.00619EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/26 12:0 a.m.23 views

CVE-2025-66738

An issue in Yealink T21PE2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component...

0.00595EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/26 12:0 a.m.4 views

EUVD-2025-205448

Yealink T21PE2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component...

6.5CVSS6.3AI score0.00619EPSS
Exploits1References3
CVE
CVE
added 2025/12/26 12:0 a.m.15 views

CVE-2025-66737

CVE-2025-66737 affects Yealink T21P_E2 Phone 52.84.0.15. A directory traversal flaw exists in the Diagnostics Component Read function, allowing a remote attacker with normal privileges to read arbitrary files via a crafted request. Details across Red Hat, NVD, CIRCL, CNNVD, CVE listings confirm t...

4.3CVSS6.5AI score0.00619EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.4 views

PT-2025-53601

Name of the Vulnerable Software and Affected Versions Yealink T21P E2 Phone version 52.84.0.15 Description A flaw exists in the Yealink T21P E2 Phone that could allow a remote attacker with normal privileges to execute arbitrary code. This is possible through a crafted request targeting the ping...

9CVSS7AI score0.00595EPSS
Exploits1References12
Rows per page
Query Builder