Skip to main content

Voip Phone

1 CVEs product

Monthly

CVE-2014-3428 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Voip Phone Firmware Voip Phone
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Voip Phone Firmware Voip Phone
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy