Skip to main content
CVE-2013-5758 CRITICAL POC THREAT Emergency

cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.7%.

Command Injection Sip T38G
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
11.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy