Vulnerability Details CVE-2025-66738
An issue in Yealink T21P_E2 Phone 52.84.0.15 allows a remote normal privileged attacker to execute arbitrary code via a crafted request the ping function of the diagnostic component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.9%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-66738
-
cpe:2.3:h:yealink:sip-t21(p)e2:-
-
cpe:2.3:o:yealink:sip-t21(p)e2_firmware:52.84.0.15