Lucene search
K

8 matches found

OSV
OSV
added 2019/05/29 6:29 p.m.5 views

CVE-2018-16217

The network diagnostic function ping in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection...

8.8CVSS5.9AI score0.03255EPSS
Exploits0References2
NVD
NVD
added 2019/05/29 6:29 p.m.23 views

CVE-2018-16217

The network diagnostic function ping in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection...

9CVSS8.8AI score0.03255EPSS
Exploits0References2
NVD
NVD
added 2019/05/29 6:29 p.m.17 views

CVE-2018-16221

The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 does not validate escape the path information path traversal, which allows an authenticated remote attacker to get access to privileged information e.g., /etc/passwd via path traversal relative path...

8CVSS7.6AI score0.01499EPSS
Exploits0References2
Prion
Prion
added 2019/05/29 6:29 p.m.15 views

Path traversal

The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 does not validate escape the path information path traversal, which allows an authenticated remote attacker to get access to privileged information e.g., /etc/passwd via path traversal relative path...

7.7CVSS7.6AI score0.01499EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/05/29 6:29 p.m.4 views

CVE-2018-16221

The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 does not validate escape the path information path traversal, which allows an authenticated remote attacker to get access to privileged information e.g., /etc/passwd via path traversal relative path...

8CVSS5.8AI score0.01499EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/05/29 5:59 p.m.18 views

CVE-2018-16221

The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 does not validate escape the path information path traversal, which allows an authenticated remote attacker to get access to privileged information e.g., /etc/passwd via path traversal relative path...

7.7AI score0.01499EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/05/29 5:52 p.m.28 views

CVE-2018-16217

The network diagnostic function ping in the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware 66.83.0.35 allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection...

8.8AI score0.03255EPSS
Exploits0References2
CNVD
CNVD
added 2019/05/29 12:0 a.m.3 views

Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P Command Injection Vulnerability

Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P is an IP phone from China Yealink. A command injection vulnerability exists in the network diagnostic feature of the Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P using firmware version 66.83.0.35. The vulnerability arises from a network system ...

9CVSS7.8AI score0.03255EPSS
Exploits0References1
Rows per page
Query Builder