EIP-2026-102131

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102131. PoCs published by xistence.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in YeaLink IP Phone SIP-TxxP firmware <=9.70.0.100, including CSRF to enable telnet, default credentials for shell access, and a remote buffer overflow in the /yealink/bin/macd process. It includes functional Python scripts to enable telnet and execute commands via default credentials.

Description

YeaLink IP Phone SIP-TxxP Firmware 9.70.0.100 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by xistence · textwebappshardware

https://www.exploit-db.com/exploits/23572

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in YeaLink IP Phone SIP-TxxP firmware <=9.70.0.100, including CSRF to enable telnet, default credentials for shell access, and a remote buffer overflow in the /yealink/bin/macd process. It includes functional Python scripts to enable telnet and execute commands via default credentials.

Classification

Working Poc 95%

Attack Type

Rce | Auth Bypass | Dos

Complexity

Trivial

Reliability

Reliable

Target: YeaLink IP Phone SIP-TxxP firmware <=9.70.0.100

Auth required

Prerequisites: Network access to the target device · Default credentials for 'user' and 'guest' accounts

MITRE ATT&CK

T1189 - Drive-by Compromise T1078 - Valid Accounts T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

YeaLink IP Phone SIP-TxxP Firmware 9.70.0.100 - Multiple Vulnerabilities

Exploitation Summary

Description

Exploits (1)

Details