GobyVuls/Yealink/CVE-2021-27561/README.md

# Yealink Device Management Platform SSRF (CVE-2021-27561)

Yealink DM (Device Management) platform offers a comprehensive management solution with key features Unified Deployment and Management, Real-Time Monitoring and Alarm, Remote Troubleshooting. By chaining a pre-auth SSRF vulnerability and a command injection vulnerability, it is possible to execute commands as root without authentication against this product, by sending a simple HTTPS request to the remote target.

**FOFA query rule**: [title="dm-v30"](https://fofa.so/result?qbase64=dGl0bGU9ImRtLXYzMCI%3D)

# Demo

![img](Yealink_Device_Management_Platform_SSRF_CVE_2021_27561.gif)
add Yealink_Device_Management_Platform_SSRF_CVE_2021_27561 2021-08-02 20:27:13 +08:00			`# Yealink Device Management Platform SSRF (CVE-2021-27561)`

			`Yealink DM (Device Management) platform offers a comprehensive management solution with key features Unified Deployment and Management, Real-Time Monitoring and Alarm, Remote Troubleshooting. By chaining a pre-auth SSRF vulnerability and a command injection vulnerability, it is possible to execute commands as root without authentication against this product, by sending a simple HTTPS request to the remote target.`

			`FOFA query rule: [title="dm-v30"](https://fofa.so/result?qbase64=dGl0bGU9ImRtLXYzMCI%3D)`

			`# Demo`

			`![img](Yealink_Device_Management_Platform_SSRF_CVE_2021_27561.gif)`