CVE-2026-1735
Command Injection in Yealink MeetingBar A30 Diagnostic Handler
Publication date: 2026-02-02
Last updated on: 2026-04-29
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yealink | meetingbar_a30 | From 133.321.0.3 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1735 is a command injection vulnerability in the Yealink MeetingBar A30 device (version 133.321.0.3), specifically in the Diagnostic Handler component. It allows an attacker with physical access to the device to execute arbitrary code without needing any authentication. The vulnerability occurs because the device improperly handles input used to construct system commands, enabling attackers to inject malicious commands. A proof-of-concept exploit is publicly available. [1, 3]
How can this vulnerability impact me?
This vulnerability can impact you by compromising the confidentiality, integrity, and availability of the Yealink MeetingBar A30 device. An attacker with physical access can execute arbitrary commands, potentially taking control of the device, disrupting its operation, or accessing sensitive information. Since no authentication is required, the attack is straightforward and can lead to unauthorized control or damage to the device. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking for unauthorized or suspicious use of the ping function within the Diagnostic Handler component on the Yealink MeetingBar A30 device. Since exploitation requires physical access and involves command injection via specially crafted requests to the ping function, monitoring for unusual ping commands or attempts to inject commands locally may help. However, no specific detection commands or network-based detection methods are provided. Physical inspection and verifying device firmware versions may be necessary. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting physical access to the Yealink MeetingBar A30 device to prevent exploitation, as the attack requires physical presence. Since the vendor has not provided any patches or countermeasures, and no mitigations are currently known, replacing the affected product is suggested as a mitigation. Monitoring for suspicious activity and disabling or restricting the diagnostic handler's ping function, if possible, may also help reduce risk. [3]
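The weakness class named above (CWE-77) is a diagnostic "ping" feature that splices a caller-supplied target into a system command. The snippet below is an added, generic illustration of the corrective pattern and is not Yealink's firmware code, nor does it reproduce the public proof of concept: the target is validated as an IP literal or RFC 1123 hostname, and ping is launched with an argument vector so no shell ever parses the input. Function names, the hostname rules and the count limit are the example's own assumptions.

```python
"""Hardened diagnostic ping handler (generic CWE-77 illustration, not vendor code).

Two defences are combined: an allow-list validator for the target, and
execution via an argv list rather than a shell command string, so characters
such as ';', '|', '`' or '$(' can never be interpreted by /bin/sh.
"""
import ipaddress
import re
import subprocess

# One DNS label per RFC 1123: letters, digits and hyphens, 1-63 chars,
# no leading or trailing hyphen. A leading '-' is also rejected so the
# target can never be parsed by ping as an option.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def is_valid_target(target: str) -> bool:
    """Accept an IPv4/IPv6 literal or an RFC 1123 hostname; reject anything else."""
    if not target or len(target) > 253:
        return False
    try:
        ipaddress.ip_address(target)  # handles "192.0.2.10" and "::1"
        return True
    except ValueError:
        pass
    labels = target.rstrip(".").split(".")
    return all(_LABEL.match(label) for label in labels)


def build_ping_argv(target: str, count: int = 1) -> list:
    """Return the argv list for the diagnostic ping, or raise ValueError.

    Because the target is passed as a single argv element, shell metacharacters
    in it are inert even if validation were somehow bypassed; validation is the
    first line of defence, argv execution the second.
    """
    if not is_valid_target(target):
        raise ValueError("rejected diagnostic target: %r" % (target,))
    if not 1 <= count <= 5:  # assumed limit: keep the diagnostic cheap
        raise ValueError("count out of range")
    return ["ping", "-c", str(count), target]


def run_diagnostic_ping(target: str, count: int = 1) -> subprocess.CompletedProcess:
    """Execute the ping without a shell (shell=False is the default for a list argv)."""
    argv = build_ping_argv(target, count)
    return subprocess.run(argv, capture_output=True, text=True, timeout=10, check=False)


if __name__ == "__main__":
    # Constructed sample inputs: one benign target, one carrying a shell separator.
    for candidate in ("192.0.2.10", "192.0.2.10; id"):
        try:
            print(candidate, "->", build_ping_argv(candidate))
        except ValueError as err:
            print(candidate, "->", err)
```

The point of the two-layer design is that `subprocess.run` with a list never invokes `/bin/sh`, so the injected separator would at worst become part of a hostname that ping fails to resolve; the validator exists so that such input is refused and logged before any process is spawned at all.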
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in Yealink MeetingBar A30 allows command injection via physical access, potentially impacting the confidentiality, integrity, and availability of the device.
Such impacts on confidentiality and integrity could lead to non-compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.
However, there is no explicit information provided about direct effects or assessments related to compliance with these standards in the available resources.