claytonvantol.us

SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2021-27561-yealink-device-management.log

CVE-2021-27561 — Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability

2021-11-03 • CISA Known Exploited Vulnerability

[event] Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.

> AFFECTED SOFTWARE

Field	Value
Vendor	Yealink
Product	Device Management
CWE	CWE-78
CVE ID	CVE-2021-27561
Date Added	2021-11-03
Due Date	2021-11-17
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2021-11-17

> REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-27561

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:16 UTC