
CVE-2012-1417 – Yealink VOIP Phone - Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-1417
17 Sep 2014 — Multiple cross-site scripting (XSS) vulnerabilities in the Local Phone book and Blacklist forms in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user field to cgi-bin/ConfigManApp.com.
• https://www.exploit-db.com/exploits/18540
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2013-5757 – Yealink VoIP Phone SIP-T38G - Local File Inclusion
https://notcve.org/view.php?id=CVE-2013-5757
03 Aug 2014 — Absolute path traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a full pathname in the dumpConfigFile function in the command parameter to cgi-bin/cgiServer.exx.
• https://www.exploit-db.com/exploits/33740
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2013-5758 – Yealink VoIP Phone SIP-T38G - Privilege Escalation
https://notcve.org/view.php?id=CVE-2013-5758
13 Jun 2014 — cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running unauthorized services, changing directory permissions, and modifying files.
• https://packetstorm.news/files/id/127096
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2013-5756 – Yealink VoIP Phone SIP-T38G - Local File Inclusion
https://notcve.org/view.php?id=CVE-2013-5756
13 Jun 2014 — Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to cgi-bin/cgiServer.exx. Yealink VoIP phone version SIP-T38G suffers from a local file inclusion vulnerability.
• https://packetstorm.news/files/id/127095
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2013-5755 – Yealink VoIP Phone SIP-T38G - Default Credentials
https://notcve.org/view.php?id=CVE-2013-5755
13 Jun 2014 — config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM) for the var account, which makes it easier for remote attackers to obtain access via unspecified vectors.
• https://packetstorm.news/files/id/127094
• CWE-255: Credentials Management Errors