8 matches found
CVE-2018-16217
The network diagnostic function ping in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection...
CVE-2018-16217
The network diagnostic function ping in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection...
CVE-2018-16221
The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 does not validate escape the path information path traversal, which allows an authenticated remote attacker to get access to privileged information e.g., /etc/passwd via path traversal relative path...
Path traversal
The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 does not validate escape the path information path traversal, which allows an authenticated remote attacker to get access to privileged information e.g., /etc/passwd via path traversal relative path...
CVE-2018-16221
The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 does not validate escape the path information path traversal, which allows an authenticated remote attacker to get access to privileged information e.g., /etc/passwd via path traversal relative path...
CVE-2018-16221
The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 does not validate escape the path information path traversal, which allows an authenticated remote attacker to get access to privileged information e.g., /etc/passwd via path traversal relative path...
CVE-2018-16217
The network diagnostic function ping in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection...
Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P Command Injection Vulnerability
Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P is an IP phone from China Yealink. A command injection vulnerability exists in the network diagnostic feature of the Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P using firmware version 66.83.0.35. The vulnerability arises from a network system ...