CVE-2021-27561: Yealink Device Management Server-Side Request Forgery

Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability. Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.

• CISA KEV-listed (remediation due 2021-11-17)
• EPSS 94.1% (99.9% percentile)

Browse the CVE database

Read the full analysis on IntelFusions