CVE-2014-3427

Yealink VoIP Phones <28.72.0.2 - CRLF Injection


Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3427. PoCs published by Jesus Oquendo.

AI-analyzed exploit summary

This exploit demonstrates an HTTP response splitting vulnerability in Yealink VoIP Phones by injecting CR/LF characters into the 'model' parameter. This allows an attacker to manipulate HTTP headers and potentially perform cache poisoning or XSS attacks.

Description

CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model parameter to servlet.

Exploits (1)

exploitdb · Working PoC · Verified
by Jesus Oquendo · text · webapps · java
https://www.exploit-db.com/exploits/39334

Classification

Working PoC: 90%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Yealink VoIP Phones firmware 28.72.0.2 and hardware 28.2.0.128.0.0.0
Authentication: No auth needed
Prerequisites: Network access to the vulnerable Yealink VoIP Phone

References

Core References

Exploit (mailing-list, x_refsource_fulldisc):
http://seclists.org/fulldisclosure/2014/Jun/74

Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq):
http://www.securityfocus.com/archive/1/532410/100/0/threaded

Scores

EPSS: 0.0520
EPSS Percentile: 91.5%

Details

Status: published
Products (1): yealink/voip_phone_firmware 28.72.0.2
Published: Jul 16, 2014
Tracked Since: Feb 18, 2026