CVE-2013-5758

Published: 03/08/2014 Updated: 04/08/2014
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
VMScore: 910
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute arbitrary commands by calling the system method in the body of a request, as demonstrated by running unauthorized services, changing directory permissions, and modifying files.

Vulnerable Product

yealink sip-t38g -

Exploits

Title: Yealink VoIP Phone SIP-T38G Remote Command Execution
Author: MrUn1k0d3r & DorethZ10 From RingZer0 Team
Vendor Homepage: www.yealink.com/Companyprofile.aspx
Version: VoIP Phone SIP-T38G
CVE: CVE-2013-5758
Description: Using cgiServer.exx we are able to send OS commands using the system function
POC: POST /cgi-bin/cgiServerex ...

Title: Yealink VoIP Phone SIP-T38G Privileges Escalation
Author: MrUn1k0d3r & DorethZ10 From RingZer0 Team
Vendor Homepage: www.yealink.com/Companyprofile.aspx
Version: VoIP Phone SIP-T38G
CVE: CVE-2013-5759
Description: Using the fact that cgiServer.exx runs under root privileges we use the command execution (CVE-2013-5758) to mo ...

Yealink VoIP phone version SIP-T38G suffers from a remote command execution vulnerability ...

Yealink VoIP phone version SIP-T38G suffers from a remote privilege escalation vulnerability that gains a root shell ...