CVE-2024-48353

Nov. 1, 2024, 8:24 p.m.

Product(s) Impacted

Yealink Meeting Server

  • before V26.0.0.67

Description

Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information.

Weaknesses

Date

Published: Nov. 1, 2024, 6:15 p.m.

Last Modified: Nov. 1, 2024, 8:24 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References