CVE-2025-14228 | Yealink SIP-T21P E2 52.84.0.15 Local Directory Page cross site scripting

A vulnerability classified as problematic has been found in Yealink SIP-T21P E2 52.84.0.15. Impacted is an unknown function of the component Local Directory Page. This manipulation causes cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer.

The identification of this vulnerability is CVE-2025-14228. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More