CVE-2024-48353

Nov. 1, 2024, 8:24 p.m.

Tags

cve@mitre.org
2024-11-01
CVE-2024-48353

Product(s) Impacted

Yealink Meeting Server

  • before V26.0.0.67

Description

Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information.

Weaknesses

Date

Published: Nov. 1, 2024, 6:15 p.m.

Last Modified: Nov. 1, 2024, 8:24 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

http://yealink.com
cve@mitre.org
https://www.yealink.com/en/trust-center/security-advisories/b1998ab629254ca3
cve@mitre.org