RSS   Vulnerabilities for 'Gxp1615 firmware'   RSS

2019-04-01
 
CVE-2018-17565

CWE-78
 

 
Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell.

 
 
CVE-2018-17564

CWE-20
 

 
A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.

 
 
CVE-2018-17563

CWE-311
 

 
A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext.

 

 >>> Vendor: Grandstream 29 Products
Budgetone
Budgetone 101
Budgetone 102
Gxp-2000
Budgetone 200
Sip phone
Ht488
Gxv3500
Gxv3501
Gxv3504
Gxv3601
Gxv3601hd/ll
Gxv3611hd/ll
Gxv3615w/p
Gxv3615wp hd
Gxv3651fhd
Gxv3662hd
Gxv device firmware
Gxv3611 hd firmware
WAVE
Ht802 firmware
Gxp1610 firmware
Gxp1615 firmware
Gxp1620 firmware
Gxp1625 firmware
Gxp1628 firmware
Gxp1630 firmware
Gac2500 firmware
Gxp2200 firmware


Copyright 2024, cxsecurity.com

 

Back to Top