CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31747
https://notcve.org/view.php?id=CVE-2024-31747
29 Apr 2024 — An issue in Yealink VP59 Microsoft Teams Phone firmware 91.15.0.118 (fixed in 122.15.0.142) allows a physically proximate attacker to disable the phone lock via the Walkie Talkie menu option. Un problema en Yealink VP59 Microsoft Teams Phone firmware 91.15.0.118 (fixed in 122.15.0.142) permite a un atacante físicamente cercano desactivar el bloqueo del teléfono a través de la opción del menú Walkie Talkie. • https://medium.com/%40deepsahu1/yealink-vp59-microsoft-teams-phone-lock-bypass-b7fee9dd9c8c •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28442
https://notcve.org/view.php?id=CVE-2024-28442
26 Mar 2024 — Directory Traversal vulnerability in Yealink VP59 v.91.15.0.118 allows a physically proximate attacker to obtain sensitive information via terms of use function in the company portal component. La vulnerabilidad de Directory Traversal en Yealink VP59 v.91.15.0.118 permite a un atacante físicamente cercano obtener información confidencial a través de la función de términos de uso en el componente del portal de la empresa. • https://medium.com/%40deepsahu1/cve-2024-28442-yealink-ip-phone-webview-escape-leads-to-sensitive-file-disclosure-via-directory-686ef8f80227 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •