CVE-2026-12222— Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow
Possible ATT&CK Techniques 2AI
T1059 · Command and Scripting Interpreter T1190 · Exploit Public-Facing ApplicationGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-12222
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function mod_webd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs to be done within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
栈缓冲区溢出
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-12222
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-12222
请登录查看更多情报信息。
Exploits & Public PoCs for CVE-2026-12222 (1)
Same Patch Batch · Yealink · 2026-06-15 · 6 CVEs total
| CVE-2026-12220 | 8.0 HIGH | Yealink SIP-T46U Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpl |
| CVE-2026-12218 | 8.0 HIGH | Yealink SIP-T46U Web FastCGI Service beforewifitest StartReportInformation stack-based ove |
| CVE-2026-12221 | 8.0 HIGH | Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack-based overflow |
| CVE-2026-12219 | 6.3 MEDIUM | Yealink SIP-T46U Web FastCGI Service start mod_diagnose.CommandShellByType command injecti |
| CVE-2026-12223 | 5.5 MEDIUM | Yealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_webd.TFTPUploadIperf command inje |
IV. Related Vulnerabilities
Same product: SIP-T46U
- CVE-2026-12223
Yealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_web - CVE-2026-12221
Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack - CVE-2026-12220
Yealink SIP-T46U Firmware Chunk Upload handler accupgradebyc - CVE-2026-12219
Yealink SIP-T46U Web FastCGI Service start mod_diagnose.Comm - CVE-2026-12218
Yealink SIP-T46U Web FastCGI Service beforewifitest StartRep
Same vendor: Yealink
- CVE-2026-12223
Yealink SIP-T46U Web FastCGI Service tftpuploadiperf mod_web - CVE-2026-12221
Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack - CVE-2026-12220
Yealink SIP-T46U Firmware Chunk Upload handler accupgradebyc - CVE-2026-12219
Yealink SIP-T46U Web FastCGI Service start mod_diagnose.Comm - CVE-2026-12218
Yealink SIP-T46U Web FastCGI Service beforewifitest StartRep
Same weakness: CWE-121
- CVE-2026-10829
NPort W2150A-W4/W2250A-W4远程代码执行漏洞 - CVE-2026-7273
Zyxel GS1900-48HPv2固件堆栈溢出致命令执行 - CVE-2026-12221
Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack - CVE-2026-12220
Yealink SIP-T46U Firmware Chunk Upload handler accupgradebyc - CVE-2026-12218
Yealink SIP-T46U Web FastCGI Service beforewifitest StartRep
V. Comments for CVE-2026-12222
No comments yet