Skip to main content
CVE-2025-66738 HIGH POC This Week

Authenticated command injection in the Yealink SIP-T21P_E2 IP phone (firmware 52.84.0.15) lets a remote user with normal, non-administrative privileges execute arbitrary operating-system commands by sending a crafted request to the ping utility of the diagnostic component. Because the CVSS vector reports PR:L, exploitation requires only a low-privileged authenticated session, and publicly available exploit code exists, though the EPSS probability remains modest at 0.60% (44th percentile) and the flaw is not listed in CISA KEV. Successful exploitation yields full high-impact compromise of confidentiality, integrity, and availability on the device.

Command Injection RCE Sip T21 P E2 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy