VulnCheck KEV: CVE-2025-34023

A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...

CVE-2020-12860

COVIDSafe through v1.0.17 allows a remote attacker to access phone name and model information because a BLE device can have four roles and COVIDSafe uses all of them. This allows for re-identification of a device, and potentially identification of the owner's name...

CVE-2020-12860

COVIDSafe through v1.0.17 allows a remote attacker to access phone name and model information because a BLE device can have four roles and COVIDSafe uses all of them. This allows for re-identification of a device, and potentially identification of the owner's name...

Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P Command Injection Vulnerability

Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P is an IP phone from China Yealink. A command injection vulnerability exists in the network diagnostic feature of the Yealink Yeahlink Ultra-elegant IP Phone SIP-T41P using firmware version 66.83.0.35. The vulnerability arises from a network system ...