CVE-2018-16221

Name of the Vulnerable Software and Affected Versions Yeahlink Ultra-elegant IP Phone SIP-T41P version 66.83.0.35

Description The diagnostics web interface in the affected device does not properly validate path information, allowing an authenticated remote attacker to access privileged information through path traversal. This can be achieved by manipulating the file parameter in a POST request with relative path information. For example, an attacker could access sensitive files such as /etc/passwd.

Recommendations For version 66.83.0.35, as a temporary workaround, consider restricting access to the diagnostics web interface until a patch is available. Avoid using the file parameter in the affected POST request to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.