CNNVD-202506-2881 Information
CNNVD ID
CNNVD-202506-2881
Related CVE
- CNNVD Published: 2025-06-21
Description (Chinese)
Yealink YMCS RPS API是中国亿联(Yealink)公司的一款设备接口。 Yealink YMCS RPS API 2025-05-26之前版本存在安全漏洞,该漏洞源于缺少速率限制,可能导致信息泄露。
Description (English)
Yealink YMCS RPS API is a device interface with Yealink. There was a security loophole in the pre-Yealink YMCS RPS API 2025-05-26 version, which stemmed from lack of speed constraints and could lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
亿联
Published
2025-06-21
Last Modified
2026-02-24
References
https://seclists.org/fulldisclosure/2025/Jun/20 https://support.yealink.com/en/portal/knowledge/show?id=6476e7cd6a27da76bd06a9c9 https://www.yealink.com/en/trust-center/security-advisories/f8205560a8c7443f https://dnip.ch/2025/06/25/yealink-voip-phones-insecurity-by-design/ https://access.redhat.com/security/cve/cve-2025-52917
Patch
https://www.yealink.com/en/trust-center/security-advisories/f8205560a8c7443f
Share on: