Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running unauthorized services, changing directory permissions, and modifying files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yealink VoIP Phone SIP-T38G‘cgiServer.exx’输入验证漏洞
Vulnerability Description
Yealink VoIP Phone SIP-T38G是中国亿联(YeaLink)公司的千兆彩屏IP电话产品。该产品支持来电人头像显示、通话录音和匿名呼叫等。 Yealink VoIP Phone SIP-T38G中的cgi-bin/cgiServer.exx文件存在安全漏洞。远程攻击者可通过在请求中调用系统方法利用该漏洞执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A