← Back

Sip T21(p)e2 Firmware

sip-t21(p)e2_firmware

Vendor: Yealink • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-66737
1Yealink
1Sip T21(p)e2 Firmware
Jan 9, 2026
Dec 26, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component.
CVE-2025-66738
1Yealink
1Sip T21(p)e2 Firmware
Jan 9, 2026
Dec 26, 2025
N/A· v4
8.8 HIGH· v3
N/A· v2
An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component.