CVE-2016-1519

2017-04-21T20:59:00
ID CVE-2016-1519
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:59:00

Description

The com.softphone.common package in the Grandstream Wave app 1.0.1.26 and earlier for Android does not properly validate SSL certificates, which allows man-in-the-middle attackers to spoof the Grandstream provisioning server via a crafted certificate.