CVE-2018-16218 - OpenCVE

A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Yealink	Ultra-elegant Ip Phone Sip-t41p Firmware Ultra-elegant Ip Phone Sip-t41p

Configuration 1 [-]

AND

cpe:2.3:o:yealink:ultra-elegant_ip_phone_sip-t41p_firmware:66.83.0.35:*:*:*:*:*:*:*

cpe:2.3:h:yealink:ultra-elegant_ip_phone_sip-t41p:-:*:*:*:*:*:*:*

References

Link	Resource
https://www.sit.fraunhofer.de/de/securitytestlab/	Third Party Advisory
https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271	Mitigation Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-05-29T17:56:20

Updated: 2019-05-29T17:56:20

Reserved: 2018-08-30T00:00:00

Link: CVE-2018-16218

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-05-29T18:29:00.787

Modified: 2019-05-31T15:48:04.123

Link: CVE-2018-16218

JSON object: View

Redhat Information

No data.

CWE

CWE-352

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-05-29T17:56:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.sit.fraunhofer.de/de/securitytestlab/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16218", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.sit.fraunhofer.de/de/securitytestlab/", "refsource": "MISC", "url": "https://www.sit.fraunhofer.de/de/securitytestlab/"}, {"name": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271", "refsource": "MISC", "url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-16218", "datePublished": "2019-05-29T17:56:20", "dateReserved": "2018-08-30T00:00:00", "dateUpdated": "2019-05-29T17:56:20", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:yealink:ultra-elegant_ip_phone_sip-t41p_firmware:66.83.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "1C069487-7AB9-4A04-871F-C9F909E2FF9F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:yealink:ultra-elegant_ip_phone_sip-t41p:-:*:*:*:*:*:*:*", "matchCriteriaId": "B78A770C-A9FC-4900-AA3C-72F41745CE2A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim."}, {"lang": "es", "value": "Un CSRF (Cross Site Request Forgery) en la interfaz web de Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35, permite que un atacante remoto desencadene la ejecuci\u00f3n de c\u00f3digo o la modificaci\u00f3n de la configuraci\u00f3n en el dispositivo al proporcionar un enlace creado para la v\u00edctima."}], "id": "CVE-2018-16218", "lastModified": "2019-05-31T15:48:04.123", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-05-29T18:29:00.787", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.sit.fraunhofer.de/de/securitytestlab/"}, {"source": "cve@mitre.org", "tags": ["Mitigation", "Exploit", "Third Party Advisory"], "url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_Yealink_Ultra-elegantIPPhone_SIPT41P.pdf?_=1549375271"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}