CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-66737

Yealink T21P_E2 Phone 52.84.0.15 is vulnerable to Directory Traversal. A remote normal privileged attacker can read arbitrary files via a crafted request result read function of the diagnostic component.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.1%

CVSS Severity

CVSS v3 Score 4.3

References

http://yealink.com
https://drive.google.com/file/d/1MpxnCL4koKupqWWDmY3ljlybjIPD8ieD/view?usp=sharing

Products affected by CVE-2025-66737

Yealink » Sip-T21(P)e2 » Version: N/A

cpe:2.3:h:yealink:sip-t21(p)e2:-
Yealink » Sip-T21(P)e2 Firmware » Version: 52.84.0.15

cpe:2.3:o:yealink:sip-t21(p)e2_firmware:52.84.0.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-66737

Products

Pricing

Contact Us