Skip to main content

Voip Phone Firmware

2 CVEs product

Monthly

CVE-2014-3427 MEDIUM POC This Month

CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Voip Phone Firmware
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
3.5%
CVE-2014-3428 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Voip Phone Firmware Voip Phone
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 3% CVSS 5.0
MEDIUM POC This Month

CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Voip Phone Firmware
NVD Exploit-DB
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Voip Phone Firmware Voip Phone
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy