logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2021-27561

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2021-27561

Description:
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.
Last updated date:
10/21/2021

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
02/23/2021
Reference url to background

https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/

Type:
exploitation
Confidence:
HIGH
Date of publishing:
11/03/2021
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2023

Privacy Policy