Yealink Meeting Server

yealink_meeting_server

Vendor: Yealink • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-48353 1Yealink 1Yealink Meeting Server Mar 7, 2025 Nov 1, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information.
CVE-2024-48352 1Yealink 1Yealink Meeting Server Nov 5, 2024 Nov 1, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID.
CVE-2024-24091 1Yealink 1Yealink Meeting Server Nov 21, 2024 Feb 8, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection vulnerability via the file upload interface.