An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XGrandstream Gxp1610
HWGrandstreamwszystkie wersjeGrandstream Gxp1610 Firmware
OSGrandstream< 1.0.7.81Grandstream Gxp1615
HWGrandstreamwszystkie wersjeGrandstream Gxp1615 Firmware
OSGrandstream< 1.0.7.81Grandstream Gxp1620
HWGrandstreamwszystkie wersjeGrandstream Gxp1620 Firmware
OSGrandstream< 1.0.7.81Grandstream Gxp1625
HWGrandstreamwszystkie wersjeGrandstream Gxp1625 Firmware
OSGrandstream< 1.0.7.81Grandstream Gxp1628
HWGrandstreamwszystkie wersjeGrandstream Gxp1628 Firmware
OSGrandstream< 1.0.7.81Grandstream Gxp1630
HWGrandstreamwszystkie wersjeGrandstream Gxp1630 Firmware
OSGrandstream< 1.0.7.81
Related vulnerabilities
A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers t...
Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones ...
Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured w...
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command executio...
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command executio...