Yealink T21P_E2 Phone Command Injection Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A command injection vulnerability has been identified in the Yealink T21P_E2 phone running firmware version 52.84.0.15. An authenticated remote attacker with normal (non-administrator) user privileges can execute arbitrary operating-system commands on the phone by sending a crafted request to the ping function of the diagnostic component: the value of the 'cmd' request parameter that carries the ping target is handed to a shell without validation, so a shell separator followed by a second command is executed as well.

Impact

Successful exploitation gives an attacker who already holds a web-portal login the ability to run arbitrary commands on the phone's operating system. That foothold can be used for further exploitation or for tampering with the device's functionality.

Reproduction

To reproduce this vulnerability, log into the phone's web portal, open the 'Network' section and select 'Diagnostics'. Enter a ping target in the field that is submitted as the 'cmd' parameter and capture the resulting HTTP request with an intercepting proxy such as Burp Suite. Keeping the authenticated session cookie, append a shell separator and a second command to the 'cmd' value, for example ';id'. The phone executes the appended command: the HTTP response includes the output of id, which confirms the injection.
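The root cause described above is a ping target being spliced into a shell command string. The following Python example is added here for illustration and is not the phone's firmware code (the real implementation language and code are not shown in this advisory); the function and parameter names are the author's own. It reconstructs the vulnerable pattern, shows how a POSIX shell would split the injected string ';id' into a second command, and then gives the hardened form: an allow-list validator that accepts only an IP literal or an RFC 1123 hostname, plus an argv list passed to subprocess without a shell.

```python
import ipaddress
import re
import shlex
import subprocess

# RFC 1123 hostname label: letters, digits and hyphens, 1-63 characters,
# no leading or trailing hyphen. Rejecting a leading hyphen also stops a
# target from being parsed by ping as an option.
_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def is_safe_ping_target(target: str) -> bool:
    """Allow-list check for a diagnostic ping target.

    Accepts an IPv4 or IPv6 literal or an RFC 1123 hostname and nothing
    else, so shell metacharacters (';', '&&', '|', '$(', backticks,
    whitespace) can never reach the command line.
    """
    if not target or len(target) > 253:
        return False
    try:
        ipaddress.ip_address(target)
        return True
    except ValueError:
        pass
    labels = target.rstrip(".").split(".")
    return all(_LABEL.match(label) for label in labels)


def vulnerable_command_line(target: str) -> str:
    """The unsafe pattern: the request parameter is spliced into a shell
    string. Illustrative reconstruction, not the phone's actual code."""
    return f"ping -c 4 {target}"


def shell_commands(cmdline: str) -> list:
    """Tokenize a command line the way a POSIX shell would and split it on
    command separators (';', '&&', '||', '|', '&').

    Used here to show how many separate commands a shell would run for a
    given string. It only models separator-based injection; command
    substitution ($(...), backticks) is deliberately not modelled.
    """
    lexer = shlex.shlex(cmdline, punctuation_chars=True)
    commands, current = [], []
    for tok in lexer:
        if tok and all(ch in ";|&" for ch in tok):
            if current:
                commands.append(current)
                current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def ping_argv(target: str) -> list:
    """Hardened pattern: validate against the allow-list, then build an
    argv list. subprocess.run with a list never invokes a shell, so a
    separator in the target has no meaning even if validation were bypassed."""
    if not is_safe_ping_target(target):
        raise ValueError(f"rejected ping target: {target!r}")
    return ["ping", "-c", "4", target]


def run_ping(target: str, timeout: float = 15.0) -> str:
    """Run the diagnostic ping safely and return its combined output."""
    result = subprocess.run(
        ping_argv(target),
        capture_output=True,
        text=True,
        timeout=timeout,
        check=False,
    )
    return result.stdout + result.stderr


if __name__ == "__main__":
    # Constructed sample input mirroring the advisory's ';id' payload.
    injected = "8.8.8.8;id"
    print("vulnerable string:", vulnerable_command_line(injected))
    print("shell would run:  ", shell_commands(vulnerable_command_line(injected)))
    try:
        ping_argv(injected)
    except ValueError as exc:
        print("hardened handler: ", exc)
    print("hardened argv:    ", ping_argv("8.8.8.8"))
```

The two defences are independent on purpose: the allow-list stops hostile input at the boundary, and the argv list removes the shell from the call path, so a gap in one does not by itself reintroduce the injection. run_ping is provided for completeness and requires a ping binary on the host.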

Added: Dec 26, 2025, 4:20 PM
Updated: Dec 26, 2025, 5:20 PM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact          7.5
exploitability  6.6
remediation     0.0
relevance       1.7
threat          6.4
urgency         2.9
incentive       0.8

Our algorithm analyzes dozens of metrics to generate these eight vulnerability categories, which are then combined to calculate the overall risk score.