Loading
Directory traversal vulnerability in Yealink VoIP Phone SIP-T38G allows remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to cgi-bin/cgiServer.exx.
Use CWE-22, Yealink vendor hub and Sip-T38g product page to widen CVE-2013-5756 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2013-5755, CVE-2013-5758 and CVE-2013-5757 for nearby disclosures in the same product family.