Yealink Meeting Server Vulnerability Discovered
CVE-2024-24091
9.8CRITICAL
What is CVE-2024-24091?
An OS command injection vulnerability exists in Yealink Meeting Server versions before 26.0.0.66, allowing attackers to exploit the file upload interface. This vulnerability can lead to unauthorized command execution on the server, posing significant risks to the confidentiality, integrity, and availability of the affected system. Proper security measures and patches are essential to mitigate these vulnerabilities and protect sensitive information.