Vulnerabilities (CVE)

Filtered by vendor Yealink Subscribe
Filtered by product Voip Phone Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3428 1 Yealink 2 Voip Phone, Voip Phone Firmware 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet.
CVE-2014-3427 1 Yealink 1 Voip Phone Firmware 2024-11-21 5.0 MEDIUM N/A
CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model parameter to servlet.