Cybersecurity Alerts

Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability

Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-78

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-27561