Lucene search
K

22 matches found

NVD
NVD
added 2026/06/15 6:16 a.m.11 views

CVE-2026-12222

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

8.6CVSS0.00371EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 6:16 a.m.12 views

CVE-2026-12223

A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function modwebd.TFTPUploadIperf of the file /api/inner/tftpuploadiperf of the component Web FastCGI Service. The manipulation of the argument ip/port leads to command injection. The attack need...

5.5CVSS0.01194EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 6:16 a.m.13 views

CVE-2026-12219

A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function moddiagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. This manipulation of the argument Time causes command injection. The attack can be initiated remotely...

6.5CVSS0.0105EPSS
Exploits0References5
NVD
NVD
added 2026/06/15 6:16 a.m.13 views

CVE-2026-12218

A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port results in stack-based buffer overflow. Access to the local...

8.6CVSS0.00371EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/15 5:30 a.m.37 views

CVE-2026-12223 Yealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_webd.TFTPUploadIperf command injection

A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function modwebd.TFTPUploadIperf of the file /api/inner/tftpuploadiperf of the component Web FastCGI Service. The manipulation of the argument ip/port leads to command injection. The attack need...

5.5CVSS0.01194EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/15 5:30 a.m.7 views

CVE-2026-12223 Yealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_webd.TFTPUploadIperf command injection

A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function modwebd.TFTPUploadIperf of the file /api/inner/tftpuploadiperf of the component Web FastCGI Service. The manipulation of the argument ip/port leads to command injection. The attack need...

5.5CVSS5.7AI score0.01194EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 5:30 a.m.10 views

EUVD-2026-36696

A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function modwebd.TFTPUploadIperf of the file /api/inner/tftpuploadiperf of the component Web FastCGI Service. The manipulation of the argument ip/port leads to command injection. The attack need...

5.5CVSS5.5AI score0.01194EPSS
Exploits0References5
CVE
CVE
added 2026/06/15 5:30 a.m.29 views

CVE-2026-12223

The CVE affects Yealink SIP-T46U with firmware 108.86.0.118, specifically the Web FastCGI Service component. The vulnerability lies in the mod_webd.TFTPUploadIperf function within /api/inner/tftpuploadiperf, where manipulating the ip/port argument leads to command injection. Exploitation is descr...

5.5CVSS5.7AI score0.01194EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/15 5:15 a.m.7 views

CVE-2026-12222 Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

8.6CVSS7.6AI score0.00371EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/15 5:15 a.m.2 views

CVE-2026-12222

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

8.6CVSS7.6AI score0.00371EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/15 5:15 a.m.10 views

EUVD-2026-36695

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

8.6CVSS8.3AI score0.00371EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/15 5:15 a.m.34 views

CVE-2026-12222 Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow

A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function modwebd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs...

8.6CVSS0.00371EPSS
Exploits0References5
CVE
CVE
added 2026/06/15 5:15 a.m.22 views

CVE-2026-12222

CVE-2026-12222 affects Yealink SIP-T46U (firmware 108.86.0.118) via the Web FastCGI Service: function mod_webd.BlueToothTest in /api/inner/bttest, where manipulating btMac/pin/reserved can trigger a stack-based overflow. Exploitation reportedly public and feasible within a local network; vendor d...

8.6CVSS7.6AI score0.00371EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/15 4:30 a.m.39 views

CVE-2026-12219 Yealink SIP-T46U Web FastCGI Service start mod_diagnose.CommandShellByType command injection

A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function moddiagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. This manipulation of the argument Time causes command injection. The attack can be initiated remotely...

6.5CVSS0.0105EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/15 4:30 a.m.6 views

CVE-2026-12219 Yealink SIP-T46U Web FastCGI Service start mod_diagnose.CommandShellByType command injection

A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function moddiagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. This manipulation of the argument Time causes command injection. The attack can be initiated remotely...

6.5CVSS6.3AI score0.0105EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/15 4:30 a.m.2 views

CVE-2026-12219

A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function moddiagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. This manipulation of the argument Time causes command injection. The attack can be initiated remotely...

6.5CVSS6.3AI score0.0105EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/15 4:30 a.m.18 views

CVE-2026-12219

CVE-2026-12219 concerns Yealink SIP-T46U (108.86.0.118) involving the Web FastCGI Service. The vulnerable element is the function mod_diagnose.CommandShellByType in /api/diagnosis/start, where manipulating the Time argument leads to command injection. The flaw enables a remote attacker to execute...

6.5CVSS6.3AI score0.0105EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 4:30 a.m.13 views

EUVD-2026-36692

A flaw has been found in Yealink SIP-T46U 108.86.0.118. The impacted element is the function moddiagnose.CommandShellByType of the file /api/diagnosis/start of the component Web FastCGI Service. This manipulation of the argument Time causes command injection. The attack can be initiated remotely...

6.5CVSS6.4AI score0.0105EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/15 4:15 a.m.8 views

CVE-2026-12218 Yealink SIP-T46U Web FastCGI Service beforewifitest StartReportInformation stack-based overflow

A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port results in stack-based buffer overflow. Access to the local...

8.6CVSS7.5AI score0.00371EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 4:15 a.m.11 views

EUVD-2026-36691

A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port results in stack-based buffer overflow. Access to the local...

8.6CVSS8.3AI score0.00371EPSS
Exploits0References5
Rows per page
Query Builder