CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Yealink: >> Configuration Encryption Tool >> 1.1 Security Vulnerabilities

CVE-2024-24681

An issue was discovered in Yealink Configuration Encrypt Tool (AES version) and Yealink Configuration Encrypt Tool (RSA version before 1.2). There is a single hardcoded key (used to encrypt provisioning documents) across customers' installations.

CVSS Score

9.8

EPSS Score

0.001

Published

2024-02-23

CVE-2022-48625

Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary.

CVSS Score

7.5

EPSS Score

0.002

Published

2024-02-20

Page 1

Vulnerabilities

Vulnerable Software

Yealink: >> Configuration Encryption Tool >> 1.1 Security Vulnerabilities

Products

Pricing

Contact Us