Yealink Forums

Full Version: Yealink W73P (W70P + W73H) Remote control
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Hey guys,

can't find any kind of API to remotely (via local network) initiate a call on W73P. It has no such interface in the admin panel. On T-series or W60B with green admin panel you can start a call simply by sending a GET request to /servlet?.... I see a brand new admin panel on W70B which is handled via addresses like /api/inner, so I assume there should be some kind "external" API available. Tried to decompile a firmware, decyphered a yaffs file system bin container, but github scripts fail to go deeper to dump files.

I studied the docs on XML commands, but still it doesn't give answers on Execute object (Non-UI).

Any ideas? I've got a good understanding of how to use APIs, but a little hint will be of high value.

So, I've finally found the Yealink SIP IP Phones XML Browser Developer's Guide_V81_72 which is much more detailed than the regular doc. I've found the Execute object description there.

Another problem - I can't get /servlet code running. The documentation to w70b states I can run the PHP code to run pushXML, but it never lets me in -

curl --location --request POST '' \
--header 'Content-Type: text/xml' \
--header 'Referer:' \
--data-raw '<?xml version="1.0" encoding="ISO-8859-1"?>
<YealinkIPPhoneTextScreen Beep="yes">
<Title>Push test</Title>
<Text>This is a test for pushing text to a phone.</Text>

and I get 403 - User level forbidden

Playing with authorization - basic or digest doesn't help.
looks like w70B has some bug in firmware. In syslog it says:

Jan 22 16:07:43.245.180<info> [1979:3069186064][findSession:177]such session have invalidate,will to create a new session
Jan 22 16:07:43.245.374<info> [1979:3069186064][DoService:59]REMOTE_IP:, URI: /servlet?push=xml
Jan 22 16:07:43.246.912<info> [1979:3069186064][findSession:177]such session have invalidate,will to create a new session
Jan 22 16:07:43.247.419<info> [1979:3069186064][getSession:119]sessionId = beae38f943b8fe42b0d099042993806cc80
Jan 22 16:07:43.248.314<info> [1979:3069186064][DoActionURI:89]ip: Action URI: push=xml
Jan 22 16:07:43.248.682<erro> [1979:3069186064][VerifyUMEAction:229]Error: The AURemoteIP is empty!
Jan 22 16:07:43.249.029<erro> [1979:3069186064][VerifyTrustIP:162]Warn : URI limit all ip! []
Jan 22 16:07:43.249.140<erro> [1979:3069186064][DoActionURI:119]Error : the action verify failed: 403
Jan 22 16:07:43.249.275<info> [1979:3069186064][DoActionRequest:152]DoActionRequest : strResult = []
Jan 22 16:07:43.249.959<info> [1979:3069186064][DoService:107]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~end request[403]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

But in the settings I've tried setting up Action URI Allow IP List to:
- any
- my ip address
- *.*.*.*

Tried setting up via importing config with features.action_uri_limit_ip = any

nothing worked. Still says "Warn : URI limit all ip!"

Looks like it doesn't read the setting when deciding to let an api request in or not.

Has anybody ever submitted a bug to yealink?
Reference URL's