Stack-based Buffer Overflow in Yealink SIP-T46U Firmware Chunk Upload Handler
CVE-2026-12220
8.6 HIGH
What is CVE-2026-12220?
A stack-based buffer overflow has been identified in Yealink SIP-T46U firmware version 108.86.0.118. The flaw is in the function mod_upgrade.SparePartsUpload of the Firmware Chunk Upload handler, reachable through the file /api/upgrade/accupgradebychunk, and is triggered by manipulating the uid argument. Because the endpoint is reachable from the adjacent network (CVSS AV:A) and requires no user interaction, an attacker on the same local network can trigger the overflow; a stack-based overflow of this kind can lead to arbitrary code execution on the phone. The vulnerability has been publicly disclosed. The vendor was contacted about the disclosure but did not respond, so no patch or mitigation details are available. Until a fix is published, restricting which hosts can reach the phone's web interface (and with it /api/upgrade/accupgradebychunk), for example by keeping the phones on a management VLAN, is the obvious compensating control.
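The following C program is an added illustration by the editor of the bug class the advisory describes; it is not Yealink firmware code. It models a chunk-upload handler that copies a caller-controlled uid query argument into a fixed-size stack buffer without a length check, next to the hardened form that rejects values that do not fit. The handler names, the 32-byte buffer size, the query-string layout and the sample requests are all assumptions, not details taken from the advisory.

```c
/* Added illustrative example, NOT Yealink firmware code. It models the bug
 * class described in the advisory: an HTTP chunk-upload handler that copies a
 * caller-controlled "uid" query argument into a fixed-size stack buffer.
 * Function names, UID_MAX and the request format are assumptions. */
#include <stdio.h>
#include <string.h>

#define UID_MAX 32           /* assumed size of the on-stack uid buffer */

/* Return a pointer to the value of "key=" in a query string and store its
 * length (up to the next '&' or end of string) in *vlen; NULL if absent. */
static const char *query_find(const char *qs, const char *key, size_t *vlen) {
    size_t klen = strlen(key);
    const char *p = qs;
    while (p && *p) {
        if (strncmp(p, key, klen) == 0 && p[klen] == '=') {
            *vlen = strcspn(p + klen + 1, "&");
            return p + klen + 1;
        }
        p = strchr(p, '&');          /* advance to the next key=value pair */
        if (p) p++;
    }
    return NULL;
}

/* VULNERABLE pattern: the value length is never compared with the size of
 * the destination, so a uid longer than UID_MAX-1 bytes overruns the stack
 * buffer and the saved frame data behind it. Returns the uid length. */
int handle_chunk_upload_vulnerable(const char *query) {
    char uid[UID_MAX];
    size_t vlen;
    const char *v = query_find(query, "uid", &vlen);
    if (!v) return -1;
    memcpy(uid, v, vlen);            /* no bounds check: stack-based overflow */
    uid[vlen] = '\0';
    return (int)strlen(uid);
}

/* HARDENED pattern: reject anything that does not fit (leaving room for the
 * terminator) before copying. Returns uid length, -1 if missing, -2 if too
 * long for the buffer. */
int handle_chunk_upload_hardened(const char *query) {
    char uid[UID_MAX];
    size_t vlen;
    const char *v = query_find(query, "uid", &vlen);
    if (!v) return -1;
    if (vlen >= sizeof uid) return -2;   /* explicit bound against the buffer */
    memcpy(uid, v, vlen);
    uid[vlen] = '\0';
    return (int)strlen(uid);
}

/* Convenience check: 1 if the request's uid would fit the buffer, else 0. */
int uid_fits(const char *query) {
    size_t vlen;
    return query_find(query, "uid", &vlen) != NULL && vlen < UID_MAX;
}

int main(void) {
    /* Constructed requests for the demo, not captured traffic. */
    const char *ok = "chunk=3&uid=device-0001&total=10";
    char bad[256] = "chunk=3&uid=";
    size_t prefix = strlen(bad);
    memset(bad + prefix, 'A', 64);   /* 64-byte uid: twice the buffer size */
    bad[prefix + 64] = '\0';

    printf("hardened ok  -> %d (fits=%d)\n", handle_chunk_upload_hardened(ok), uid_fits(ok));
    printf("hardened bad -> %d (fits=%d)\n", handle_chunk_upload_hardened(bad), uid_fits(bad));
    printf("vulnerable ok -> %d\n", handle_chunk_upload_vulnerable(ok));
    /* The vulnerable handler is deliberately NOT called with 'bad' here:
     * doing so corrupts the stack frame. */
    return 0;
}
```

The hardened version returns a distinct error for an oversized value rather than silently truncating, so a caller can log and reject the request; truncation would hide the same attacker input that the bounds check is there to catch.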
Affected Version(s)
SIP-T46U 108.86.0.118
References
CVSS V4
Score: 8.6
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Undefined
User Interaction: None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
CookedMelon (VulDB User)
VulDB CNA Team
