Security for everyone

CVE-2021-27561 Scanner

Detects 'Command Injection' vulnerability in Yealink Device Management (DM) affects v.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one




Yealink Device Management (DM) is a product designed for device management, offering administrators a simple and convenient means of installing, configuring, and managing Yealink audio and video devices across a network. The tool provides real-time monitoring, remote configuration, and upgrade management for supported devices. Configuration templates can be created and used across multiple devices, allowing administrators to simplify their workflow and improve productivity.

A vulnerability code CVE-2021-27561 has been detected in Yealink Device Management tool, which allows unauthorized access to the system. An attacker can exploit this vulnerability by injecting commands into the system as root via the /sm/api/v1/firewall/zone/services URI without authentication. This can lead to the system being compromised, and sensitive information being accessed. The vulnerability can potentially be leveraged to install malware or carry out additional attacks on the network.

If exploited by malicious actors, the vulnerability can lead to system compromise and potential data theft. The attacker, being able to control the whole system, can take complete control over the network and use it for their purpose. The system's performance will be slowed down, which can lead to losses. The ramifications of the attack can be long-term, and the restoration of the system may cost a large amount in terms of time, money, and resources. 

In conclusion, digital asset security is of utmost importance and requires proactive measures. With the pro features of the platform, it's easy for readers to stay up-to-date about vulnerabilities in their digital assets. This platform provides the latest information about potential vulnerabilities and proactive measures to mitigate those vulnerabilities. With the help of their trusted advisory and cutting-edge technology, this platform can help readers protect their digital assets before it's too late.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture