Yealink Phones Security Vulnerability
by admin
We have recently found a security hole in Yealink phones when they are located on a public IP. Having the phone on a public IP allows a hacker to access the phone and extract the username and password. We don't really know what paths hackers are using to get the password from the phone. (If anyone knows, we would appreciate hearing from you.)
We recommend you take the following precautions on all such phones:
- Don't put them on a public IP unless absolutely necessary.
- If you must, block all ports below 5000 at the firewall. This should prevent most access paths. Or better, block all IPs except the ones that you need to communicate with. 82.192.91.0/24 is a known phone hacking site in Holland, so for sure, block that.
- Upgrade to the latest firmware.
- Use a very secure admin password. Passwords consisting of 9 digits provide a billion combinations. Adding lowercase and capital letters into the mix increases that number to 13,537,086,546,263,552 (13,000 trillion).
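
One way to turn the firewall advice above into rules, as an added example that is not from the original post: a Python helper that emits an nftables ruleset for a Linux router sitting in front of the phone. The router placement, the table name `phone_guard`, and the phone and peer addresses (documentation ranges) are assumptions; only 82.192.91.0/24 and the port-5000 threshold come from the post.

```python
import ipaddress

# The one network the post names explicitly; all other addresses are constructed.
BLOCKED_NET = ipaddress.IPv4Network("82.192.91.0/24")


def build_ruleset(phone_ip, allowed_peers=()):
    """Return nftables ruleset text protecting one phone behind a Linux router.

    With allowed_peers, only those sources may reach the phone (the post's
    "better" option). Without them, inbound ports below 5000 are dropped.
    """
    phone = ipaddress.IPv4Address(phone_ip)  # rejects malformed or IPv6 input
    peers = [ipaddress.IPv4Network(p, strict=False) for p in allowed_peers]
    for peer in peers:
        # An allowlist entry that covers the blocked network is a config error.
        if peer.overlaps(BLOCKED_NET):
            raise ValueError(f"{peer} overlaps blocked network {BLOCKED_NET}")

    rules = [
        # Blocklist goes first so it also cuts flows that are already tracked.
        f"ip saddr {BLOCKED_NET} drop",
        # Let replies to connections the phone itself opened come back in.
        "ct state established,related accept",
    ]
    if peers:
        rules += [f"ip daddr {phone} ip saddr {p} accept" for p in peers]
        rules.append(f"ip daddr {phone} drop")
    else:
        rules.append(f"ip daddr {phone} tcp dport 0-4999 drop")
        rules.append(f"ip daddr {phone} udp dport 0-4999 drop")

    body = "\n".join(f"        {r}" for r in rules)
    return (
        "table ip phone_guard {\n"
        "    chain forward {\n"
        "        type filter hook forward priority 0; policy accept;\n"
        f"{body}\n"
        "    }\n"
        "}\n"
    )


if __name__ == "__main__":
    # Constructed sample: one phone, two peers it must talk to.
    print(build_ruleset("203.0.113.10", ["198.51.100.5", "198.51.100.64/26"]))
```

The printed text can be reviewed and then loaded with `nft -f` on the router.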
12/31/11 05:23:00 pm