A vulnerability classified as critical has been found in Yeahlink Ultra-elegant IP Phone SIP-T41P 66.83.0.35 (IP Phone Software). This affects an unknown functionality of the component Network Diagnostic. The manipulation with an unknown input leads to a os command injection vulnerability. CWE is classifying the issue as CWE-78. The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:

The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection.

The weakness was published 05/29/2019. This vulnerability is uniquely identified as CVE-2018-16217 since 08/30/2018. It is possible to initiate the attack remotely. The successful exploitation needs a authentication. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1202 according to MITRE ATT&CK.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Similar entries are available at VDB-135677 and VDB-135676. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• IP Phone Software

Vendor

• Yeahlink

Name

• Ultra-elegant IP Phone SIP-T41P

Version

• 66.83.0.35

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Submitinfo

Duplicate

• Submit #XXXXXX: Xxxxxxx Xxx-xxxx Xxxx Xx.xx.x.xxx Xxx Xxxxx Xx Xxxxxxx Xxxxxxxxx (by Syrtain)

Discussion