← Back to CVE List
CVE-2021-27561
Published:
2021-10-15T18:15Z
Last Modified:
2025-03-07T17:12Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt