Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service attack against the TR-069 service. An unauthenticated remote attacker can stop the service due to a NULL pointer dereference in the TR-069 service. This condition is triggered due to mishandling of the HTTP Authentication field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
grandstream ht801_firmware |
||
grandstream ht802_firmware |
||
grandstream ht812_firmware |
||
grandstream ht814_firmware |
||
grandstream ht818_firmware |
||
grandstream ht813_firmware |