Yealink Sip-t21(p)e2 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Yealink Sip-t21(p)e2 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-66738 — CVSS 8.8 (high): An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the…
CVE-2025-66737 — CVSS 4.3 (medium): Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a…