CVE-2021-27561 — Actively Exploited: Device Management (Yealink)
Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.
| CVE ID | CVE-2021-27561 |
|---|---|
| Vendor | Yealink |
| Product | Device Management |
| Vulnerability name | Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability |
| Date added | 2021-11-03 |
| Remediation due | 2021-11-17 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →