exploitDog

GHSA-8cpr-48rw-5rrc

Опубликовано: 26 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component.

Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component.

Ссылки

EPSS

Процентиль: 20%

0.00063

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-23

Связанные уязвимости

CVE-2025-66737

CVSS3: 4.3

nvd

около 1 месяца назад

Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component.

EPSS

Процентиль: 20%

0.00063

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-23