CVE-2026-12222

Yealink · SIP-T46U

A buffer overflow in the Yealink SIP-T46U Web FastCGI service allows local network attackers to trigger a crash or potentially execute arbitrary code.

Executive summary

A stack-based buffer overflow in the Yealink SIP-T46U Web FastCGI service lets an attacker who can reach the phone's web interface from the local network crash the service or potentially execute code on the device.

Vulnerability

This is a stack-based buffer overflow in the mod_webd.BlueToothTest function, reached through the /api/inner/bttest endpoint. An attacker with local network access can exploit it by sending crafted (for example, over-long) btMac, pin, or reserved arguments to the Web FastCGI service; the handler copies these values into fixed-size stack buffers without adequate length checks.
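The bug class described above, as an added illustrative example that is not Yealink's code and does not reproduce the actual handler: a FastCGI-style handler that copies the btMac, pin and reserved values into fixed-size stack buffers, beside a hardened form that bounds and validates each value before it touches a buffer. Function names, buffer sizes and the validation rules (a 17-character colon-separated MAC, a PIN of at most 16 characters, a reserved field of at most 31 characters) are assumptions.

```c
/*
 * Added example (not vendor code): the vulnerable copy pattern and a hardened
 * replacement for a handler that receives btMac, pin and reserved parameters.
 * Buffer sizes and validation rules are assumptions for illustration.
 */
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stdbool.h>

#define MAC_STR_LEN 17          /* "AA:BB:CC:DD:EE:FF" */
#define PIN_MAX_LEN 16          /* assumed upper bound for a Bluetooth PIN */
#define RESERVED_MAX_LEN 32     /* assumed buffer size for the reserved field */

/* Vulnerable pattern: attacker-controlled parameters are copied into
 * fixed-size stack buffers with no length check.  A value longer than its
 * buffer overwrites adjacent stack data (locals, saved registers, the return
 * address), which is what turns a crash into potential code execution. */
void bttest_vulnerable(const char *btMac, const char *pin, const char *reserved)
{
    char mac_buf[MAC_STR_LEN + 1];
    char pin_buf[PIN_MAX_LEN + 1];
    char rsv_buf[RESERVED_MAX_LEN];

    strcpy(mac_buf, btMac);             /* overflows if strlen(btMac) > 17 */
    strcpy(pin_buf, pin);               /* overflows if strlen(pin) > 16 */
    sprintf(rsv_buf, "%s", reserved);   /* overflows if strlen(reserved) > 31 */
    printf("bttest: mac=%s pin=%s reserved=%s\n", mac_buf, pin_buf, rsv_buf);
}

/* Returns true if s is exactly a colon-separated MAC such as 00:11:22:33:44:55. */
bool is_valid_mac(const char *s)
{
    if (strlen(s) != MAC_STR_LEN) return false;
    for (int i = 0; i < MAC_STR_LEN; i++) {
        if (i % 3 == 2) {
            if (s[i] != ':') return false;
        } else if (!isxdigit((unsigned char)s[i])) {
            return false;
        }
    }
    return true;
}

/* Hardened form: reject anything outside the expected length and format
 * before it reaches a stack buffer, and still use bounded copies afterwards.
 * Returns 0 on success, -1 when the input is rejected. */
int bttest_hardened(const char *btMac, const char *pin, const char *reserved)
{
    char mac_buf[MAC_STR_LEN + 1];
    char pin_buf[PIN_MAX_LEN + 1];
    char rsv_buf[RESERVED_MAX_LEN];

    if (!btMac || !pin || !reserved) return -1;
    if (!is_valid_mac(btMac)) return -1;

    size_t pin_len = strlen(pin);
    if (pin_len == 0 || pin_len > PIN_MAX_LEN) return -1;

    if (strlen(reserved) >= RESERVED_MAX_LEN) return -1;

    /* snprintf always NUL-terminates and never writes past sizeof buffer. */
    snprintf(mac_buf, sizeof mac_buf, "%s", btMac);
    snprintf(pin_buf, sizeof pin_buf, "%s", pin);
    snprintf(rsv_buf, sizeof rsv_buf, "%s", reserved);
    printf("bttest: mac=%s pin=%s reserved=%s\n", mac_buf, pin_buf, rsv_buf);
    return 0;
}

int main(void)
{
    /* A 599-byte btMac value: would smash the stack in bttest_vulnerable,
     * is simply rejected by bttest_hardened. */
    char long_mac[600];
    memset(long_mac, 'A', sizeof long_mac - 1);
    long_mac[sizeof long_mac - 1] = '\0';

    printf("benign   rc=%d\n", bttest_hardened("00:11:22:33:44:55", "0000", ""));
    printf("oversize rc=%d\n", bttest_hardened(long_mac, "0000", ""));
    return 0;
}
```

The point of the hardened version is that the length and format checks happen on the untrusted string itself, before any copy, so an over-long value can never reach the buffer; the bounded snprintf calls are defence in depth, not the primary control.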

Business impact

A CVSS score of 8.0 places this vulnerability in the High severity band. Successful exploitation could lead to a denial of service (the web service or the phone crashing) or to arbitrary code execution on the device, compromising its confidentiality, integrity, and availability.

Remediation

Immediate Action: Apply the vendor-provided firmware updates. Restrict network access to the device to prevent unauthorized parties from reaching the Web FastCGI interface.

Proactive Monitoring: Monitor for anomalous traffic directed at the /api/inner/bttest endpoint, in particular requests with unusually long btMac, pin, or reserved values or requests from hosts outside the management network, and investigate any unexpected crashes of the web service or device reboots.

Compensating Controls: Use a firewall or VLAN configuration to ensure the device's management interface is not reachable from untrusted network segments.
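One way to turn the monitoring advice above into a concrete check, as an added example that is not part of the advisory or the vendor's tooling: a small filter over web access-log lines that flags requests to /api/inner/bttest whose btMac, pin, or reserved values exceed the lengths a legitimate Bluetooth test request would carry, or that come from outside an assumed management prefix. The log format (common log format, source address as the first field), the length bounds, the management prefix "10.10.50." and the sample lines are all constructed assumptions.

```c
/*
 * Added example (not from the advisory or the vendor): classify access-log
 * lines for requests to /api/inner/bttest.  Log format, length bounds and the
 * management prefix are assumptions; the sample lines are constructed.
 */
#include <stdio.h>
#include <string.h>

#define ENDPOINT "/api/inner/bttest"
#define MAC_MAX 17          /* "AA:BB:CC:DD:EE:FF" */
#define PIN_MAX 16
#define RESERVED_MAX 31

enum verdict { NOT_BTTEST = 0, BENIGN = 1, OVERSIZED_PARAM = 2, UNTRUSTED_SOURCE = 3 };

/* Upper bound for the value of a named query parameter; unknown keys are unbounded. */
static size_t max_len_for(const char *key, size_t key_len)
{
    if (key_len == 5 && strncmp(key, "btMac", 5) == 0) return MAC_MAX;
    if (key_len == 3 && strncmp(key, "pin", 3) == 0) return PIN_MAX;
    if (key_len == 8 && strncmp(key, "reserved", 8) == 0) return RESERVED_MAX;
    return (size_t)-1;
}

/* Classify one access-log line.  mgmt_prefix is the source-address prefix
 * (e.g. "10.10.50.") from which the management interface may legitimately be
 * reached; the source address is assumed to be the first token of the line. */
enum verdict classify_request(const char *line, const char *mgmt_prefix)
{
    const char *path = strstr(line, ENDPOINT);
    if (!path) return NOT_BTTEST;

    if (strncmp(line, mgmt_prefix, strlen(mgmt_prefix)) != 0)
        return UNTRUSTED_SOURCE;

    const char *q = path + strlen(ENDPOINT);
    if (*q != '?') return BENIGN;
    q++;

    /* Walk key=value pairs until the end of the request target. */
    while (*q && *q != ' ' && *q != '"') {
        const char *key = q;
        while (*q && *q != '=' && *q != '&' && *q != ' ' && *q != '"') q++;
        size_t key_len = (size_t)(q - key);
        size_t val_len = 0;
        if (*q == '=') {
            q++;
            const char *val = q;
            while (*q && *q != '&' && *q != ' ' && *q != '"') q++;
            val_len = (size_t)(q - val);
        }
        if (val_len > max_len_for(key, key_len)) return OVERSIZED_PARAM;
        if (*q == '&') q++;
    }
    return BENIGN;
}

/* Constructed sample log lines (not real traffic). */
static const char *SAMPLE_LOG[] = {
    "10.10.50.7 - - [01/Jan/2026:10:00:00 +0000] \"GET /api/inner/bttest?btMac=00:11:22:33:44:55&pin=0000 HTTP/1.1\" 200 12",
    "10.10.50.7 - - [01/Jan/2026:10:00:01 +0000] \"GET /api/inner/bttest?btMac=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&pin=0000 HTTP/1.1\" 500 0",
    "192.168.1.50 - - [01/Jan/2026:10:00:02 +0000] \"GET /api/inner/bttest?btMac=00:11:22:33:44:55&pin=0000 HTTP/1.1\" 200 12",
    "10.10.50.7 - - [01/Jan/2026:10:00:03 +0000] \"GET /api/status HTTP/1.1\" 200 812",
};

int main(void)
{
    static const char *names[] = {"not bttest", "benign", "OVERSIZED PARAM", "UNTRUSTED SOURCE"};
    for (size_t i = 0; i < sizeof SAMPLE_LOG / sizeof SAMPLE_LOG[0]; i++)
        printf("%-16s %s\n", names[classify_request(SAMPLE_LOG[i], "10.10.50.")], SAMPLE_LOG[i]);
    return 0;
}
```

The second sample line, an over-long btMac followed by an HTTP 500, is the pattern worth alerting on: a value far longer than any MAC address, answered by a server error, is consistent with the FastCGI handler crashing. The third line shows why the source check matters even when the parameters look normal: a request from outside the management segment indicates the VLAN or firewall control is not in place.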

Exploitation status

Public Exploit Available: true

Analyst recommendation

The combination of a publicly available exploit and a High CVSS score (8.0) makes this a priority issue. Organizations using Yealink SIP-T46U devices should verify their firmware versions against the vendor's advisory, apply the fixed firmware, and restrict management interface access to trusted network segments until they have done so.