2 matches found
CVE-2026-12221
Yealink SIP-T46U (version 108.86.0.118) is affected by a stack-based buffer overflow in the Firmware Chunk Upload Handler, caused by a faulty sprintf in /api/upgrade/upgrade when manipulating uid/start_offset. Exploitation requires local-network access; the exploit is publicly available. No remed...
PT-2026-49181
Name of the Vulnerable Software and Affected Versions Yealink SIP-T46U version 108.86.0.118 Description A stack-based buffer overflow exists in the Firmware Chunk Upload handler. This occurs when the uid argument is manipulated within the mod upgrade.SparePartsUpload function of the...