Submit #736622: Yealink MeetingBar A30 133.321.0.3 Command Injectioninfo

TitleYealink MeetingBar A30 133.321.0.3 Command Injection
DescriptionAn issue in Yealink MeetingBar A30 133.321.0.3 allows attacker physically access the device without a valid login to execute arbitrary code via a crafted request the ping function of the diagnostic component. And the problem should be exists in the most lower version of the device
Source⚠️ https://drive.google.com/file/d/1Uf46ihr8UmeXsFfkcvAeOtF1TkvGjozy/view?usp=sharing
User
 cccll (UID 92824)
Submission01/12/2026 06:07 PM (2 months ago)
Moderation02/01/2026 08:38 AM (20 days later)
StatusAccepted
VulDB entry343634 [Yealink MeetingBar A30 133.321.0.3 Diagnostic command injection]
Points18

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!