Ultra-elegant Ip Phone Sip-t41p Firmware Security Vulnerabilities and Issues — Ultra-elegant Ip Phone Sip-t41p Firmware CVE List

Lucene search

YealinkUltra-elegant Ip Phone Sip-t41p Firmware

3 matches found

CVE•added 2019/05/29 6:29 p.m.•99 views

CVE-2018-16217

The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection.

9CVSS8.7AI score0.07239EPSS

CVE•added 2019/05/29 6:29 p.m.•95 views

CVE-2018-16221

The diagnostics web interface in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate (escape) the path information (path traversal), which allows an authenticated remote attacker to get access to privileged information (e.g., /etc/passwd) via path traversal (relativ...

8CVSS7.5AI score0.00733EPSS

CVE•added 2019/05/29 6:29 p.m.•91 views

CVE-2018-16218

A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim.

8.8CVSS8.7AI score0.00765EPSS