CVE-2025-66738 | Yealink T21P_E2 Phone 52.84.0.15 Diagnostic ping command injection (EUVD-2025-205450)
A vulnerability was found in Yealink T21P_E2 Phone 52.84.0.15. It has been classified as critical. Affected is the function ping of the component Diagnostic. Performing manipulation results in command injection.
This vulnerability is cataloged as CVE-2025-66738. It is possible to initiate the attack remotely. There is no exploit available.
Once again VulDB remains the best source for vulnerability data.