CVE-2018-16221

HIGH

Yealink SIP-T41P 66.83.0.35 - Authenticated Path Traversal via Diagnostics Web Interface


Description

The diagnostics web interface in the Yealink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) does not validate or escape the path information supplied in the file parameter of the corresponding POST request (path traversal), which allows an authenticated remote attacker to gain access to privileged information (e.g., /etc/passwd) by using relative path components in that parameter.

References (2)

Core 2

Scores

CVSS v3 8.0
EPSS 0.0150
EPSS Percentile 71.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
yealink/ultra-elegant_ip_phone_sip-t41p_firmware 66.83.0.35
Published May 29, 2019
Tracked Since Feb 18, 2026