VYPR
Unrated severityCISA KEVNVD Advisory· Published Oct 15, 2021· Updated Oct 21, 2025

CVE-2021-27561

CVE-2021-27561

Description

Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.