Yealink Voip Phone Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Yealink Voip Phone Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
- CVE-2014-3427 — CVSS 5.0 (medium): CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary HTTP headers and…
- CVE-2014-3428 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web…