Published: 29/07/2020 Updated: 31/07/2020
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Grandstream HT800 series firmware version and below contain a backdoor in the SSH service. An authenticated remote attacker can obtain a root shell by correctly answering a challenge prompt.

Vulnerability Trend

Recent Articles

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users
Threatpost • Tara Seals • 31 Jul 2020

Multiple high-severity vulnerabilities in the Grandstream HT800 series of Analog Telephone Adaptors (ATAs) threaten home office and midrange users alike, with outages, eavesdropping and device takeover.
The HT800 series of ATAs is designed for everyone from home or small-office users to medium-sized businesses, looking to connect their analog telephone devices to a VoIP network, unified communications system or other IP-based communications infrastructure. According to analysis from Tenabl...