Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/upload_vpntar interface.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
grandstream gxp1610_firmware |
||
grandstream gxp1615_firmware |
||
grandstream gxp1620_firmware |
||
grandstream gxp1625_firmware |
||
grandstream gxp1628_firmware |
||
grandstream gxp1630_firmware |