RSS   Vulnerabilities for 'Voip phone firmware'   RSS

2014-07-16
 
CVE-2014-3427

CWE-Other
 

 
CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model parameter to servlet.

 
2014-06-16
 
CVE-2014-3428

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet.

 

 >>> Vendor: Yealink 19 Products
Voip phone firmware
Voip phone
Sip-t38g
Gigabit color ip phone sip-t32g
Gigabit color ip phone sip-t38g
Ip phone sip-t19p
Ip phone sip-t20p
Ip phone sip-t21p
Ip phone sip-t22p
Ip phone sip-t26p
Ip phone sip-t28p
Ip video phone vp530
Ultra-elegant ip phone sip-t41p
Ultra-elegant ip phone sip-t42g
Ultra-elegant ip phone sip-t46g
Ultra-elegant ip phone sip-t48g
W52P
Ultra-elegant ip phone sip-t41p firmware
Device management


Copyright 2024, cxsecurity.com

 

Back to Top