exploitDog

GHSA-37fc-4qqv-26w3

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model parameter to servlet.

CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model parameter to servlet.

Ссылки

EPSS

Процентиль: 88%

0.03758

Низкий

CVE ID

Связанные уязвимости

CVE-2014-3427

nvd

больше 11 лет назад

CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model parameter to servlet.

EPSS

Процентиль: 88%

0.03758

Низкий

CVE ID