Vulnerability CVE-2024-24681
Published: 2024-02-23   Modified: 2024-02-24

Description:
Insecure AES key in Yealink Configuration Encrypt Tool below verrsion 1.2. A single, vendorwide, hardcoded AES key in the configuration tool used to encrypt provisioning documents was leaked leading to a compromise of confidentiality of provisioning documents.

 References:
https://www.reddit.com/r/VOIP/comments/ys9mel/what_are_some_of_the_good_white_label_voip/
Copyright 2026, cxsecurity.com

 

Back to Top