CRLF injection vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the model parameter to servlet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
yealink voip phone firmware 28.72.0.2 |