Sign-up

ID

VAR-201905-0823


CVE

CVE-2018-16217


TITLE

Yeahlink Ultra-elegant IP Phone SIP-T41P In OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015556

DESCRIPTION

The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection. Yeahlink Ultra-elegant IP Phone SIP-T41P Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. YealinkYeahlinkUltra-elegantIPPhoneSIP-T41P is an IP phone from China's Yealink. A command injection vulnerability exists in the networkdiagnostic feature of YealinkYeahlinkUltra-elegantIPPhoneSIP-T41P using 66.83.0.35 firmware. The vulnerability stems from the fact that external input data constructs executable commands, and the network system or product does not properly filter the special elements. An attacker could exploit the vulnerability to execute an illegal command

Trust: 2.34

sources: NVD: CVE-2018-16217 // JVNDB: JVNDB-2018-015556 // CNVD: CNVD-2019-16224 // VULHUB: VHN-126554 // VULMON: CVE-2018-16217

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-16224

AFFECTED PRODUCTS

vendor:yealinkmodel:ultra-elegant ip phone sip-t41pscope:eqversion:66.83.0.35

Trust: 1.8

vendor:yealinkmodel:yeahlink ultra-elegant ip phone sip-t41pscope:eqversion:66.83.0.35

Trust: 0.6

sources: CNVD: CNVD-2019-16224 // JVNDB: JVNDB-2018-015556 // NVD: CVE-2018-16217

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-16217
value: HIGH

Trust: 1.0

NVD: CVE-2018-16217
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-16224
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201905-1086
value: HIGH

Trust: 0.6

VULHUB: VHN-126554
value: HIGH

Trust: 0.1

VULMON: CVE-2018-16217
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-16217
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-16224
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-126554
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-16217
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2019-16224 // VULHUB: VHN-126554 // VULMON: CVE-2018-16217 // JVNDB: JVNDB-2018-015556 // CNNVD: CNNVD-201905-1086 // NVD: CVE-2018-16217

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.9

sources: VULHUB: VHN-126554 // JVNDB: JVNDB-2018-015556 // NVD: CVE-2018-16217

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-1086

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-201905-1086

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015556

PATCH
title:SIP-T41P Ultra-elegant IP Phoneurl:https://yealink.jp/product/sip-t41p/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-015556

EXTERNAL IDS
db:NVDid:CVE-2018-16217
Trust: 3.2
db:JVNDBid:JVNDB-2018-015556
Trust: 0.8
db:CNNVDid:CNNVD-201905-1086
Trust: 0.7
db:CNVDid:CNVD-2019-16224
Trust: 0.6
db:VULHUBid:VHN-126554
Trust: 0.1
db:VULMONid:CVE-2018-16217
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-16224 // 
            
            
            
            VULHUB: VHN-126554 // 
            
            
            
            VULMON: CVE-2018-16217 // 
            
            
            
            JVNDB: JVNDB-2018-015556 // 
            
            
            
            CNNVD: CNNVD-201905-1086 // 
            
            
            
            NVD: CVE-2018-16217

REFERENCES
url:https://www.sit.fraunhofer.de/fileadmin/dokumente/cve/advisory_yealink_ultra-elegantipphone_sipt41p.pdf?_=1549375271
Trust: 3.2
url:https://www.sit.fraunhofer.de/de/securitytestlab/
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2018-16217
Trust: 2.0
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-16217
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/78.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-16224 // 
            
            
            
            VULHUB: VHN-126554 // 
            
            
            
            VULMON: CVE-2018-16217 // 
            
            
            
            JVNDB: JVNDB-2018-015556 // 
            
            
            
            CNNVD: CNNVD-201905-1086 // 
            
            
            
            NVD: CVE-2018-16217

SOURCES
db:CNVDid:CNVD-2019-16224
db:VULHUBid:VHN-126554
db:VULMONid:CVE-2018-16217
db:JVNDBid:JVNDB-2018-015556
db:CNNVDid:CNNVD-201905-1086
db:NVDid:CVE-2018-16217

LAST UPDATE DATE
2024-11-23T22:48:23.367000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-16224date:2019-06-02T00:00:00
db:VULHUBid:VHN-126554date:2019-05-31T00:00:00
db:VULMONid:CVE-2018-16217date:2019-05-31T00:00:00
db:JVNDBid:JVNDB-2018-015556date:2019-06-12T00:00:00
db:CNNVDid:CNNVD-201905-1086date:2019-06-19T00:00:00
db:NVDid:CVE-2018-16217date:2024-11-21T03:52:18.033

SOURCES RELEASE DATE
db:CNVDid:CNVD-2019-16224date:2019-06-02T00:00:00
db:VULHUBid:VHN-126554date:2019-05-29T00:00:00
db:VULMONid:CVE-2018-16217date:2019-05-29T00:00:00
db:JVNDBid:JVNDB-2018-015556date:2019-06-12T00:00:00
db:CNNVDid:CNNVD-201905-1086date:2019-05-29T00:00:00
db:NVDid:CVE-2018-16217date:2019-05-29T18:29:00.740