Security Advisory

CVE-2021-27561

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-15 17:11:45
Last updated 2025-10-21 23:25:28
Assigner mitre
State PUBLISHED

Description

Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.

← Browse all CVEs View on cve.org ↗